예제 #1
1
파일: login.php 프로젝트: oanav/closetshare
 function doModel()
 {
     switch ($this->action) {
         case 'login_post':
             //post execution for the login
             if (!osc_users_enabled()) {
                 osc_add_flash_error_message(_m('Users are not enabled'));
                 $this->redirectTo(osc_base_url());
             }
             osc_csrf_check();
             osc_run_hook('before_validating_login');
             // e-mail or/and password is/are empty or incorrect
             $wrongCredentials = false;
             $email = Params::getParam('email');
             $password = Params::getParam('password', false, false);
             if ($email == '') {
                 osc_add_flash_error_message(_m('Please provide an email address'));
                 $wrongCredentials = true;
             }
             if ($password == '') {
                 osc_add_flash_error_message(_m('Empty passwords are not allowed. Please provide a password'));
                 $wrongCredentials = true;
             }
             if ($wrongCredentials) {
                 $this->redirectTo(osc_user_login_url());
             }
             if (osc_validate_email($email)) {
                 $user = User::newInstance()->findByEmail($email);
             }
             if (empty($user)) {
                 $user = User::newInstance()->findByUsername($email);
             }
             if (empty($user)) {
                 osc_add_flash_error_message(_m("The user doesn't exist"));
                 $this->redirectTo(osc_user_login_url());
             }
             if (!osc_verify_password($password, isset($user['s_password']) ? $user['s_password'] : '')) {
                 osc_add_flash_error_message(_m('The password is incorrect'));
                 $this->redirectTo(osc_user_login_url());
                 // @TODO if valid user, send email parameter back to the login form
             } else {
                 if (@$user['s_password'] != '') {
                     if (preg_match('|\\$2y\\$([0-9]{2})\\$|', $user['s_password'], $cost)) {
                         if ($cost[1] != BCRYPT_COST) {
                             User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
                         }
                     } else {
                         User::newInstance()->update(array('s_password' => osc_hash_password($password)), array('pk_i_id' => $user['pk_i_id']));
                     }
                 }
             }
             // e-mail or/and IP is/are banned
             $banned = osc_is_banned($email);
             // int 0: not banned or unknown, 1: email is banned, 2: IP is banned, 3: both email & IP are banned
             if ($banned & 1) {
                 osc_add_flash_error_message(_m('Your current email is not allowed'));
             }
             if ($banned & 2) {
                 osc_add_flash_error_message(_m('Your current IP is not allowed'));
             }
             if ($banned !== 0) {
                 $this->redirectTo(osc_user_login_url());
             }
             osc_run_hook('before_login');
             $url_redirect = osc_get_http_referer();
             $page_redirect = '';
             if (osc_rewrite_enabled()) {
                 if ($url_redirect != '') {
                     $request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $url_redirect));
                     $tmp_ar = explode("?", $request_uri);
                     $request_uri = $tmp_ar[0];
                     $rules = Rewrite::newInstance()->listRules();
                     foreach ($rules as $match => $uri) {
                         if (preg_match('#' . $match . '#', $request_uri, $m)) {
                             $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
                             if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
                                 $page_redirect = $match[2];
                                 if ($page_redirect == '' || $page_redirect == 'login') {
                                     $url_redirect = osc_user_dashboard_url();
                                 }
                             }
                             break;
                         }
                     }
                 }
             }
             require_once LIB_PATH . 'osclass/UserActions.php';
             $uActions = new UserActions(false);
             $logged = $uActions->bootstrap_login($user['pk_i_id']);
             if ($logged == 0) {
                 osc_add_flash_error_message(_m("The user doesn't exist"));
             } else {
                 if ($logged == 1) {
                     if (time() - strtotime($user['dt_access_date']) > 1200) {
                         // EACH 20 MINUTES
                         osc_add_flash_error_message(sprintf(_m('The user has not been validated yet. Would you like to re-send your <a href="%s">activation?</a>'), osc_user_resend_activation_link($user['pk_i_id'], $user['s_email'])));
                     } else {
                         osc_add_flash_error_message(_m('The user has not been validated yet'));
                     }
                 } else {
                     if ($logged == 2) {
                         osc_add_flash_error_message(_m('The user has been suspended'));
                     } else {
                         if ($logged == 3) {
                             if (Params::getParam('remember') == 1) {
                                 //this include contains de osc_genRandomPassword function
                                 require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                                 $secret = osc_genRandomPassword();
                                 User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
                                 Cookie::newInstance()->set_expires(osc_time_cookie());
                                 Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
                                 Cookie::newInstance()->push('oc_userSecret', $secret);
                                 Cookie::newInstance()->set();
                             }
                             if ($url_redirect == '') {
                                 $url_redirect = osc_user_dashboard_url();
                             }
                             osc_run_hook("after_login", $user, $url_redirect);
                             $this->redirectTo(osc_apply_filter('correct_login_url_redirect', $url_redirect));
                         } else {
                             osc_add_flash_error_message(_m('This should never happen'));
                         }
                     }
                 }
             }
             if (!$user['b_enabled']) {
                 $this->redirectTo(osc_user_login_url());
             }
             $this->redirectTo(osc_user_login_url());
             break;
         case 'resend':
             $id = Params::getParam('id');
             $email = Params::getParam('email');
             $user = User::newInstance()->findByPrimaryKey($id);
             if ($id == '' || $email == '' || !isset($user) || $user['b_active'] == 1 || $email != $user['s_email']) {
                 osc_add_flash_error_message(_m('Incorrect link'));
                 $this->redirectTo(osc_user_login_url());
             }
             if (time() - strtotime($user['dt_access_date']) > 1200) {
                 // EACH 20 MINUTES
                 if (osc_notify_new_user()) {
                     osc_run_hook('hook_email_admin_new_user', $user);
                 }
                 if (osc_user_validation_enabled()) {
                     osc_run_hook('hook_email_user_validation', $user, $user);
                 }
                 User::newInstance()->update(array('dt_access_date' => date('Y-m-d H:i:s')), array('pk_i_id' => $user['pk_i_id']));
                 osc_add_flash_ok_message(_m('Validation email re-sent'));
             } else {
                 osc_add_flash_warning_message(_m('We have just sent you an email to validate your account, you will have to wait a few minutes to resend it again'));
             }
             $this->redirectTo(osc_user_login_url());
             break;
         case 'recover':
             //form to recover the password (in this case we have the form in /gui/)
             $this->doView('user-recover.php');
             break;
         case 'recover_post':
             //post execution to recover the password
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             // e-mail is incorrect
             if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
                 osc_add_flash_error_message(_m('Invalid email address'));
                 $this->redirectTo(osc_recover_user_password_url());
             }
             $userActions = new UserActions(false);
             $success = $userActions->recover_password();
             switch ($success) {
                 case 0:
                     // recover ok
                     osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
                     $this->redirectTo(osc_base_url());
                     break;
                 case 1:
                     // e-mail does not exist
                     osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
                     $this->redirectTo(osc_recover_user_password_url());
                     break;
                 case 2:
                     // recaptcha wrong
                     osc_add_flash_error_message(_m('The recaptcha code is wrong'));
                     $this->redirectTo(osc_recover_user_password_url());
                     break;
             }
             break;
         case 'forgot':
             //form to recover the password (in this case we have the form in /gui/)
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             if ($user) {
                 $this->doView('user-forgot_password.php');
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'forgot_post':
             osc_csrf_check();
             if (Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
                 osc_add_flash_warning_message(_m('Password cannot be blank'));
                 $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
             }
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             if ($user['b_enabled'] == 1) {
                 if (Params::getParam('new_password', false, false) == Params::getParam('new_password2', false, false)) {
                     User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => Params::getServerParam('REMOTE_ADDR'), 's_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => $user['pk_i_id']));
                     osc_add_flash_ok_message(_m('The password has been changed'));
                     $this->redirectTo(osc_user_login_url());
                 } else {
                     osc_add_flash_error_message(_m("Error, the password don't match"));
                     $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
                 }
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
             }
             $this->redirectTo(osc_base_url());
             break;
         default:
             //login
             Session::newInstance()->_setReferer(osc_get_http_referer());
             if (osc_logged_user_id() != '') {
                 $this->redirectTo(osc_user_dashboard_url());
             }
             $this->doView('user-login.php');
     }
 }
<?php

/**
 * Show the form to edit a system user.
 *
 * @package		ProjectSend
 * @subpackage	Users
 *
 */
$allowed_levels = array(9, 8, 7);
require_once 'sys.includes.php';
$active_nav = 'users';
$database->MySQLDB();
/** Create the object */
$edit_user = new UserActions();
/** Check if the id parameter is on the URI. */
if (isset($_GET['id'])) {
    $user_id = mysql_real_escape_string($_GET['id']);
    /**
     * Check if the id corresponds to a real user.
     * Return 1 if true, 2 if false.
     **/
    $page_status = user_exists_id($user_id) ? 1 : 2;
} else {
    /**
     * Return 0 if the id is not set.
     */
    $page_status = 0;
}
/**
 * Get the user information from the database to use on the form.
예제 #3
0
파일: users.php 프로젝트: semul/Osclass
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'create':
             // callign create view
             $aCountries = array();
             $aRegions = array();
             $aCities = array();
             $aCountries = Country::newInstance()->listAll();
             if (isset($aCountries[0]['pk_c_code'])) {
                 $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
             }
             if (isset($aRegions[0]['pk_i_id'])) {
                 $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
             }
             $this->_exportVariableToView('user', null);
             $this->_exportVariableToView('countries', $aCountries);
             $this->_exportVariableToView('regions', $aRegions);
             $this->_exportVariableToView('cities', $aCities);
             $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/frm.php");
             break;
         case 'create_post':
             // creating the user...
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(true);
             $success = $userActions->add();
             switch ($success) {
                 case 1:
                     osc_add_flash_ok_message(_m("The user has been created. We've sent an activation e-mail"), 'admin');
                     break;
                 case 2:
                     osc_add_flash_ok_message(_m('The user has been created successfully'), 'admin');
                     break;
                 case 3:
                     osc_add_flash_warning_message(_m('Sorry, but that e-mail is already in use'), 'admin');
                     break;
                 case 5:
                     osc_add_flash_warning_message(_m('The specified e-mail is not valid'), 'admin');
                     break;
                 case 6:
                     osc_add_flash_warning_message(_m('Sorry, the password cannot be empty'), 'admin');
                     break;
                 case 7:
                     osc_add_flash_warning_message(_m("Sorry, passwords don't match"), 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'edit':
             // calling the edit view
             $aUser = array();
             $aCountries = array();
             $aRegions = array();
             $aCities = array();
             $aUser = $this->userManager->findByPrimaryKey(Params::getParam("id"));
             $aCountries = Country::newInstance()->listAll();
             $aRegions = array();
             if ($aUser['fk_c_country_code'] != '') {
                 $aRegions = Region::newInstance()->findByCountry($aUser['fk_c_country_code']);
             } else {
                 if (count($aCountries) > 0) {
                     $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
                 }
             }
             $aCities = array();
             if ($aUser['fk_i_region_id'] != '') {
                 $aCities = City::newInstance()->findByRegion($aUser['fk_i_region_id']);
             } else {
                 if (count($aRegions) > 0) {
                     $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
                 }
             }
             $this->_exportVariableToView("user", $aUser);
             $this->_exportVariableToView("countries", $aCountries);
             $this->_exportVariableToView("regions", $aRegions);
             $this->_exportVariableToView("cities", $aCities);
             $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/frm.php");
             break;
         case 'edit_post':
             // edit post
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(true);
             $success = $userActions->edit(Params::getParam("id"));
             switch ($success) {
                 case 1:
                     osc_add_flash_error_message(_m("Passwords don't match"), 'admin');
                     break;
                 case 2:
                     osc_add_flash_ok_message(_m('The user has been updated and activated'), 'admin');
                     break;
                 default:
                     osc_add_flash_ok_message(_m('The user has been updated'), 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'resend_activation':
             //activate
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->resend_activation($id);
             }
             if ($iUpdated == 0) {
                 osc_add_flash_error_message(_m('No users have been selected'), 'admin');
             } else {
                 osc_add_flash_ok_message(sprintf(_mn('Activation email sent to one user', 'Activation email sent to %s users', $iUpdated), $iUpdated), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'activate':
             //activate
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->activate($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been activated');
             } else {
                 $msg = sprintf(_mn('One user has been activated', '%s users have been activated', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'deactivate':
             //deactivate
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->deactivate($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been deactivated');
             } else {
                 $msg = sprintf(_mn('One user has been deactivated', '%s users have been deactivated', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'enable':
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->enable($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been enabled');
             } else {
                 $msg = sprintf(_mn('One user has been unblocked', '%s users have been unblocked', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'disable':
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->disable($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been disabled');
             } else {
                 $msg = sprintf(_mn('One user has been blocked', '%s users have been blocked', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'delete':
             //delete
             $iDeleted = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             foreach ($userId as $id) {
                 $user = $this->userManager->findByPrimaryKey($id);
                 Log::newInstance()->insertLog('user', 'delete', $id, $user['s_email'], 'admin', osc_logged_admin_id());
                 if ($this->userManager->deleteUser($id)) {
                     $iDeleted++;
                 }
             }
             if ($iDeleted == 0) {
                 $msg = _m('No users have been deleted');
             } else {
                 $msg = sprintf(_mn('One user has been deleted', '%s users have been deleted', $iDeleted), $iDeleted);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'settings':
             // calling the users settings view
             $this->doView('users/settings.php');
             break;
         case 'settings_post':
             // updating users
             $iUpdated = 0;
             $enabledUserValidation = Params::getParam('enabled_user_validation');
             $enabledUserValidation = $enabledUserValidation != '' ? true : false;
             $enabledUserRegistration = Params::getParam('enabled_user_registration');
             $enabledUserRegistration = $enabledUserRegistration != '' ? true : false;
             $enabledUsers = Params::getParam('enabled_users');
             $enabledUsers = $enabledUsers != '' ? true : false;
             $notifyNewUser = Params::getParam('notify_new_user');
             $notifyNewUser = $notifyNewUser != '' ? true : false;
             $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUserValidation), array('s_name' => 'enabled_user_validation'));
             $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUserRegistration), array('s_name' => 'enabled_user_registration'));
             $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUsers), array('s_name' => 'enabled_users'));
             $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewUser), array('s_name' => 'notify_new_user'));
             if ($iUpdated > 0) {
                 osc_add_flash_ok_message(_m("User settings have been updated"), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=settings');
             break;
         default:
             // manage users view
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') == '') {
                 Params::setParam('iDisplayLength', 10);
             }
             $p_iPage = 1;
             if (is_numeric(Params::getParam('iPage')) && Params::getParam('iPage') >= 1) {
                 $p_iPage = Params::getParam('iPage');
             }
             Params::setParam('iPage', $p_iPage);
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             $this->_exportVariableToView('sSearch', Params::getParam('sSearch'));
             require_once osc_admin_base_path() . 'ajax/users_processing.php';
             $users_processing = new UsersProcessingAjax(Params::getParamsAsArray("get"));
             $aData = $users_processing->result();
             $page = (int) Params::getParam('iPage');
             if (count($aData['aaData']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aUsers', $aData);
             $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/index.php");
             break;
     }
 }
예제 #4
0
파일: user.php 프로젝트: naneri/Osclass
 function doModel()
 {
     switch ($this->action) {
         case 'dashboard':
             //dashboard...
             $max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
             $aItems = Item::newInstance()->findByUserIDEnabled(osc_logged_user_id(), 0, $max_items);
             //calling the view...
             $this->_exportVariableToView('items', $aItems);
             $this->_exportVariableToView('max_items', $max_items);
             $this->doView('user-dashboard.php');
             break;
         case 'profile':
             //profile...
             $user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
             $aCountries = Country::newInstance()->listAll();
             $aRegions = array();
             if ($user['fk_c_country_code'] != '') {
                 $aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
             } elseif (count($aCountries) > 0) {
                 $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
             }
             $aCities = array();
             if ($user['fk_i_region_id'] != '') {
                 $aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
             } else {
                 if (count($aRegions) > 0) {
                     $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
                 }
             }
             //calling the view...
             $this->_exportVariableToView('countries', $aCountries);
             $this->_exportVariableToView('regions', $aRegions);
             $this->_exportVariableToView('cities', $aCities);
             $this->_exportVariableToView('user', $user);
             $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
             $this->doView('user-profile.php');
             break;
         case 'profile_post':
             //profile post...
             osc_csrf_check();
             $userId = Session::newInstance()->_get('userId');
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(false);
             $success = $userActions->edit($userId);
             if ($success == 1 || $success == 2) {
                 osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
             } else {
                 osc_add_flash_error_message($success);
             }
             $this->redirectTo(osc_user_profile_url());
             break;
         case 'alerts':
             //alerts
             $aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'), false);
             $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
             foreach ($aAlerts as $k => $a) {
                 $array_conditions = (array) json_decode($a['s_search']);
                 //                                            $search = Search::newInstance();
                 $search = new Search();
                 $search->setJsonAlert($array_conditions);
                 $search->limit(0, 3);
                 $aAlerts[$k]['items'] = $search->doSearch();
             }
             $this->_exportVariableToView('alerts', $aAlerts);
             View::newInstance()->_reset('alerts');
             $this->_exportVariableToView('user', $user);
             $this->doView('user-alerts.php');
             break;
         case 'change_email':
             //change email
             $this->doView('user-change_email.php');
             break;
         case 'change_email_post':
             //change email post
             osc_csrf_check();
             if (!osc_validate_email(Params::getParam('new_email'))) {
                 osc_add_flash_error_message(_m('The specified e-mail is not valid'));
                 $this->redirectTo(osc_change_user_email_url());
             } else {
                 $user = User::newInstance()->findByEmail(Params::getParam('new_email'));
                 if (!isset($user['pk_i_id'])) {
                     $userEmailTmp = array();
                     $userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
                     $userEmailTmp['s_new_email'] = Params::getParam('new_email');
                     UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
                     $code = osc_genRandomPassword(30);
                     $date = date('Y-m-d H:i:s');
                     $userManager = new User();
                     $userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
                     $validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
                     osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
                     $this->redirectTo(osc_user_profile_url());
                 } else {
                     osc_add_flash_error_message(_m('The specified e-mail is already in use'));
                     $this->redirectTo(osc_change_user_email_url());
                 }
             }
             break;
         case 'change_username':
             //change username
             $this->doView('user-change_username.php');
             break;
         case 'change_username_post':
             //change username
             $username = osc_sanitize_username(Params::getParam('s_username'));
             osc_run_hook('before_username_change', Session::newInstance()->_get('userId'), $username);
             if ($username != '') {
                 $user = User::newInstance()->findByUsername($username);
                 if (isset($user['s_username'])) {
                     osc_add_flash_error_message(_m('The specified username is already in use'));
                 } else {
                     if (!osc_is_username_blacklisted($username)) {
                         User::newInstance()->update(array('s_username' => $username), array('pk_i_id' => Session::newInstance()->_get('userId')));
                         osc_add_flash_ok_message(_m('The username was updated'));
                         osc_run_hook('after_username_change', Session::newInstance()->_get('userId'), Params::getParam('s_username'));
                         $this->redirectTo(osc_user_profile_url());
                     } else {
                         osc_add_flash_error_message(_m('The specified username is not valid, it contains some invalid words'));
                     }
                 }
             } else {
                 osc_add_flash_error_message(_m('The specified username could not be empty'));
             }
             $this->redirectTo(osc_change_user_username_url());
             break;
         case 'change_password':
             //change password
             $this->doView('user-change_password.php');
             break;
         case 'change_password_post':
             //change password post
             osc_csrf_check();
             $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
             if (Params::getParam('password', false, false) == '' || Params::getParam('new_password', false, false) == '' || Params::getParam('new_password2', false, false) == '') {
                 osc_add_flash_warning_message(_m('Password cannot be blank'));
                 $this->redirectTo(osc_change_user_password_url());
             }
             if (!osc_verify_password(Params::getParam('password', false, false), $user['s_password'])) {
                 osc_add_flash_error_message(_m("Current password doesn't match"));
                 $this->redirectTo(osc_change_user_password_url());
             }
             if (!Params::getParam('new_password', false, false)) {
                 osc_add_flash_error_message(_m("Passwords can't be empty"));
                 $this->redirectTo(osc_change_user_password_url());
             }
             if (Params::getParam('new_password', false, false) != Params::getParam('new_password2', false, false)) {
                 osc_add_flash_error_message(_m("Passwords don't match"));
                 $this->redirectTo(osc_change_user_password_url());
             }
             User::newInstance()->update(array('s_password' => osc_hash_password(Params::getParam('new_password', false, false))), array('pk_i_id' => Session::newInstance()->_get('userId')));
             osc_add_flash_ok_message(_m('Password has been changed'));
             $this->redirectTo(osc_user_profile_url());
             break;
         case 'items':
             // view items user
             $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 10;
             $page = Params::getParam('iPage') > 0 ? Params::getParam('iPage') - 1 : 0;
             $itemType = Params::getParam('itemType');
             $total_items = Item::newInstance()->countItemTypesByUserID(osc_logged_user_id(), $itemType);
             $total_pages = ceil($total_items / $itemsPerPage);
             $items = Item::newInstance()->findItemTypesByUserID(osc_logged_user_id(), $page * $itemsPerPage, $itemsPerPage, $itemType);
             $this->_exportVariableToView('items', $items);
             $this->_exportVariableToView('search_total_pages', $total_pages);
             $this->_exportVariableToView('search_total_items', $total_items);
             $this->_exportVariableToView('items_per_page', $itemsPerPage);
             $this->_exportVariableToView('items_type', $itemType);
             $this->_exportVariableToView('search_page', $page);
             $this->doView('user-items.php');
             break;
         case 'activate_alert':
             $email = Params::getParam('email');
             $secret = Params::getParam('secret');
             $result = 0;
             if ($email != '' && $secret != '') {
                 $result = Alerts::newInstance()->activate($email, $secret);
             }
             if ($result == 1) {
                 osc_add_flash_ok_message(_m('Alert activated'));
             } else {
                 osc_add_flash_error_message(_m('Oops! There was a problem trying to activate your alert. Please contact an administrator'));
             }
             $this->redirectTo(osc_base_url());
             break;
         case 'unsub_alert':
             $email = Params::getParam('email');
             $secret = Params::getParam('secret');
             $id = Params::getParam('id');
             $alert = Alerts::newInstance()->findByPrimaryKey($id);
             $result = 0;
             if (!empty($alert)) {
                 if ($email == $alert['s_email'] && $secret == $alert['s_secret']) {
                     $result = Alerts::newInstance()->unsub($id);
                 }
             }
             if ($result == 1) {
                 osc_add_flash_ok_message(_m('Unsubscribed correctly'));
             } else {
                 osc_add_flash_error_message(_m('Oops! There was a problem trying to unsubscribe you. Please contact an administrator'));
             }
             $this->redirectTo(osc_user_alerts_url());
             break;
         case 'delete':
             $id = Params::getParam('id');
             $secret = Params::getParam('secret');
             if (osc_is_web_user_logged_in()) {
                 $user = User::newInstance()->findByPrimaryKey(osc_logged_user_id());
                 View::newInstance()->_exportVariableToView('user', $user);
                 if (!empty($user) && osc_logged_user_id() == $id && $secret == $user['s_secret']) {
                     User::newInstance()->deleteUser(osc_logged_user_id());
                     Session::newInstance()->_drop('userId');
                     Session::newInstance()->_drop('userName');
                     Session::newInstance()->_drop('userEmail');
                     Session::newInstance()->_drop('userPhone');
                     Cookie::newInstance()->pop('oc_userId');
                     Cookie::newInstance()->pop('oc_userSecret');
                     Cookie::newInstance()->set();
                     osc_add_flash_ok_message(_m("Your account have been deleted"));
                     $this->redirectTo(osc_base_url());
                 } else {
                     osc_add_flash_error_message(_m("Oops! you can not do that"));
                     $this->redirectTo(osc_user_dashboard_url());
                 }
             } else {
                 osc_add_flash_error_message(_m("Oops! you can not do that"));
                 $this->redirectTo(osc_base_url());
             }
             break;
     }
 }
예제 #5
0
파일: login.php 프로젝트: acharei/OSClass
 function doModel()
 {
     switch ($this->action) {
         case 'login_post':
             //post execution for the login
             if (!osc_users_enabled()) {
                 osc_add_flash_error_message(_m('Users are not enabled'));
                 $this->redirectTo(osc_base_url());
             }
             require_once LIB_PATH . 'osclass/UserActions.php';
             $user = User::newInstance()->findByEmail(Params::getParam('email'));
             $url_redirect = osc_user_dashboard_url();
             $page_redirect = '';
             if (osc_rewrite_enabled()) {
                 if (isset($_SERVER['HTTP_REFERER'])) {
                     $request_uri = urldecode(preg_replace('@^' . osc_base_url() . '@', "", $_SERVER['HTTP_REFERER']));
                     $tmp_ar = explode("?", $request_uri);
                     $request_uri = $tmp_ar[0];
                     $rules = Rewrite::newInstance()->listRules();
                     foreach ($rules as $match => $uri) {
                         if (preg_match('#' . $match . '#', $request_uri, $m)) {
                             $request_uri = preg_replace('#' . $match . '#', $uri, $request_uri);
                             if (preg_match('|([&?]{1})page=([^&]*)|', '&' . $request_uri . '&', $match)) {
                                 $page_redirect = $match[2];
                             }
                             break;
                         }
                     }
                 }
             } else {
                 if (preg_match('|[\\?&]page=([^&]+)|', $_SERVER['HTTP_REFERER'] . '&', $match)) {
                     $page_redirect = $match[1];
                 }
             }
             if (Params::getParam('http_referer') != '') {
                 Session::newInstance()->_setReferer(Params::getParam('http_referer'));
                 $url_redirect = Params::getParam('http_referer');
             } else {
                 if (Session::newInstance()->_getReferer() != '') {
                     Session::newInstance()->_setReferer(Session::newInstance()->_getReferer());
                     $url_redirect = Session::newInstance()->_getReferer();
                 } else {
                     if ($page_redirect != '' && $page_redirect != 'login') {
                         Session::newInstance()->_setReferer($_SERVER['HTTP_REFERER']);
                         $url_redirect = $_SERVER['HTTP_REFERER'];
                     }
                 }
             }
             if (!$user) {
                 osc_add_flash_error_message(_m('The username doesn\'t exist'));
                 $this->redirectTo(osc_user_login_url());
             }
             if ($user["s_password"] != sha1(Params::getParam('password'))) {
                 osc_add_flash_error_message(_m('The password is incorrect'));
                 $this->redirectTo(osc_user_login_url());
             }
             $uActions = new UserActions(false);
             $logged = $uActions->bootstrap_login($user['pk_i_id']);
             if ($logged == 0) {
                 osc_add_flash_error_message(_m('The username doesn\'t exist'));
             } else {
                 if ($logged == 1) {
                     osc_add_flash_error_message(_m('The user has not been validated yet'));
                 } else {
                     if ($logged == 2) {
                         osc_add_flash_error_message(_m('The user has been suspended'));
                     } else {
                         if ($logged == 3) {
                             if (Params::getParam('remember') == 1) {
                                 //this include contains de osc_genRandomPassword function
                                 require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                                 $secret = osc_genRandomPassword();
                                 User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
                                 Cookie::newInstance()->set_expires(osc_time_cookie());
                                 Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
                                 Cookie::newInstance()->push('oc_userSecret', $secret);
                                 Cookie::newInstance()->set();
                             }
                             $this->redirectTo($url_redirect);
                         } else {
                             osc_add_flash_error_message(_m('This should never happens'));
                         }
                     }
                 }
             }
             if (!$user['b_enabled']) {
                 $this->redirectTo(osc_user_login_url());
             }
             $this->redirectTo(osc_user_login_url());
             break;
         case 'recover':
             //form to recover the password (in this case we have the form in /gui/)
             $this->doView('user-recover.php');
             break;
         case 'recover_post':
             //post execution to recover the password
             require_once LIB_PATH . 'osclass/UserActions.php';
             // e-mail is incorrect
             if (!preg_match('|^[a-z0-9\\.\\_\\+\\-]+@[a-z0-9\\.\\-]+\\.[a-z]{2,3}$|i', Params::getParam('s_email'))) {
                 osc_add_flash_error_message(_m('Invalid email address'));
                 $this->redirectTo(osc_recover_user_password_url());
             }
             $userActions = new UserActions(false);
             $success = $userActions->recover_password();
             switch ($success) {
                 case 0:
                     // recover ok
                     osc_add_flash_ok_message(_m('We have sent you an email with the instructions to reset your password'));
                     $this->redirectTo(osc_base_url());
                     break;
                 case 1:
                     // e-mail does not exist
                     osc_add_flash_error_message(_m('We were not able to identify you given the information provided'));
                     $this->redirectTo(osc_recover_user_password_url());
                     break;
                 case 2:
                     // recaptcha wrong
                     osc_add_flash_error_message(_m('The recaptcha code is wrong'));
                     $this->redirectTo(osc_recover_user_password_url());
                     break;
             }
             break;
         case 'forgot':
             //form to recover the password (in this case we have the form in /gui/)
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             if ($user) {
                 $this->doView('user-forgot_password.php');
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'forgot_post':
             if (Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') {
                 osc_add_flash_warning_message(_m('Password cannot be blank'));
                 $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
             }
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             if ($user['b_enabled'] == 1) {
                 if (Params::getParam('new_password') == Params::getParam('new_password2')) {
                     User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => $_SERVER['REMOTE_ADDR'], 's_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => $user['pk_i_id']));
                     osc_add_flash_ok_message(_m('The password has been changed'));
                     $this->redirectTo(osc_user_login_url());
                 } else {
                     osc_add_flash_error_message(_m('Error, the password don\'t match'));
                     $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
                 }
             } else {
                 osc_add_flash_error_message(_m('Sorry, the link is not valid'));
             }
             $this->redirectTo(osc_base_url());
             break;
         default:
             //login
             if (osc_logged_user_id() != '') {
                 $this->redirectTo(osc_user_dashboard_url());
             }
             $this->doView('user-login.php');
     }
 }
예제 #6
0
function make_userlogin()
{
    if (isset($_GET['page'])) {
        return;
    }
    $facebookData = FacebookClassified::newInstance()->selectFacebookData();
    $api_id = osc_get_preference('facebook_api_id', 'classified');
    $api_secret = osc_get_preference('facebook_api_secret', 'classified');
    if (isset($_GET['code']) and !empty($_GET['code'])) {
        $code = $_GET['code'];
        if (!empty($code)) {
            $get_access_data = facebookall_get_fb_contents("https://graph.facebook.com/v2.3/oauth/access_token?" . 'client_id=' . $api_id . '&redirect_uri=' . urlencode(osc_base_url()) . '&client_secret=' . $api_secret . '&code=' . urlencode($code));
            $access_data = json_decode($get_access_data, true);
        }
        if (empty($access_data['access_token'])) {
            $get_access_data = facebookall_get_fb_contents("https://graph.facebook.com/v2.3/oauth/access_token?" . 'client_id=' . $api_id . '&redirect_uri=' . urlencode(osc_base_url()) . '&client_secret=' . $api_secret . '&code=' . urlencode($code));
            $access_data = json_decode($get_access_data, true);
        }
        if (!empty($access_data['access_token'])) {
            $access_token = $access_data['access_token'];
        } else {
            echo 'Error : Could not get access token please check your app settings for more about this error<br> Or Follow our doc setion <a href="http://sourceaddons.com/documentation">Documentation Section</a>.';
            exit;
        }
        ?>
    <script>
      window.opener.FbAll.parentRedirect({'action' : 'fball', 'fball_access_token' : '<?php 
        echo $access_token;
        ?>
'});
      window.close();
    </script>
    <?php 
    }
    if (!empty($_REQUEST['fball_access_token']) and isset($_REQUEST['fball_redirect'])) {
        $user_info = json_decode(facebookall_get_fb_contents("https://graph.facebook.com/v2.3/me?access_token=" . $_REQUEST['fball_access_token']));
        Session::newInstance()->_set('fb-token', $_REQUEST['fball_access_token']);
        $user_data = get_userprofile_data($user_info);
        if (!empty($user_data['email']) and !empty($user_data['id'])) {
            // Filter username form data.
            if (!empty($user_data['name'])) {
                $username = $user_data['name'];
            } else {
                if (!empty($user_data['first_name']) && !empty($user_data['last_name'])) {
                    $username = $user_data['first_name'] . $user_data['last_name'];
                } else {
                    $user_emailname = explode('@', $user_data['email']);
                    $username = $user_emailname[0];
                }
            }
            $user_login = $username;
            $new_user = false;
            $user_id = get_userid($user_data['id']);
            if (empty($user_id)) {
                //Not Registered As Facebook User
                $u_data = User::newInstance()->findByEmail($user_data['email']);
                if (!empty($u_data)) {
                    //Registered As OSClass but not as Facebook User
                    $user = User::newInstance()->findByEmail($user_data['email']);
                    insert_facebook_user_data($user['pk_i_id'], $user_data['id']);
                } else {
                    //New User Not Registered as Facebook User And OSClass User
                    $new_user = true;
                    register_user($user_data);
                }
            }
            $manager = User::newInstance();
            $oscUser = $manager->findByEmail($user_data['email']);
            $email = $oscUser['pk_i_id'];
            require_once osc_lib_path() . 'osclass/UserActions.php';
            $uActions = new UserActions(false);
            $logged = $uActions->bootstrap_login($oscUser['pk_i_id']);
            // Redirect user.
            osc_redirect_to(osc_user_dashboard_url());
            /*
              if (!empty ($_GET['redirect_to'])) {
                $redirect_to = $_GET['redirect_to'];
                wp_safe_redirect ($redirect_to);
              }
              else {
                $redirect_to = facebookall_redirect_loggedin_user();
                wp_redirect ($redirect_to);
              }
              exit();
            }
            */
        }
    }
}
예제 #7
0
 function doModel()
 {
     switch ($this->action) {
         case 'register':
             //register user
             $this->doView('user-register.php');
             break;
         case 'register_post':
             //register user
             if (!osc_users_enabled()) {
                 osc_add_flash_error_message(_m('Users are not enabled'));
                 $this->redirectTo(osc_base_url());
             }
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(false);
             $success = $userActions->add();
             switch ($success) {
                 case 1:
                     osc_add_flash_ok_message(_m('The user has been created. An activation email has been sent'));
                     $this->redirectTo(osc_base_url());
                     break;
                 case 2:
                     osc_add_flash_ok_message(_m('Your account has been created successfully'));
                     $this->doView('user-login.php');
                     break;
                 case 3:
                     osc_add_flash_error_message(_m('The specified e-mail is already in use'));
                     $this->doView('user-register.php');
                     break;
                 case 4:
                     osc_add_flash_error_message(_m('The reCAPTCHA was not introduced correctly'));
                     $this->doView('user-register.php');
                     break;
                 case 5:
                     osc_add_flash_error_message(_m('The email is not valid'));
                     $this->doView('user-register.php');
                     break;
             }
             break;
         case 'validate':
             //validate account
             $id = intval(Params::getParam('id'));
             $code = Params::getParam('code');
             $userManager = new User();
             $user = $userManager->findByIdSecret($id, $code);
             if ($user) {
                 if ($user['b_active'] == 0) {
                     $userManager = new User();
                     $userManager->update(array('b_active' => '1'), array('pk_i_id' => $id, 's_secret' => $code));
                     osc_run_hook('hook_email_user_registration', $user);
                     osc_run_hook('validate_user', $user);
                     osc_add_flash_ok_message(_m('Your account has been validated'));
                     // Auto-login
                     Session::newInstance()->_set('userId', $user['pk_i_id']);
                     Session::newInstance()->_set('userName', $user['s_name']);
                     Session::newInstance()->_set('userEmail', $user['s_email']);
                     $phone = $user['s_phone_mobile'] ? $user['s_phone_mobile'] : $user['s_phone_land'];
                     Session::newInstance()->_set('userPhone', $phone);
                 } else {
                     osc_add_flash_error_message(_m('Your account has already been validated'));
                 }
             } else {
                 osc_add_flash_error_message(_m('The link is not valid anymore. Sorry for the inconvenience!'));
             }
             $this->redirectTo(osc_base_url());
             break;
     }
 }
예제 #8
0
 function doModel()
 {
     switch ($this->action) {
         case 'register':
             //register user
             $this->doView('user-register.php');
             break;
         case 'register_post':
             //register user
             osc_csrf_check();
             if (!osc_users_enabled()) {
                 osc_add_flash_error_message(_m('Users are not enabled'));
                 $this->redirectTo(osc_base_url());
             }
             osc_run_hook('before_user_register');
             $banned = osc_is_banned(Params::getParam('s_email'));
             if ($banned == 1) {
                 osc_add_flash_error_message(_m('Your current email is not allowed'));
                 $this->redirectTo(osc_register_account_url());
             } else {
                 if ($banned == 2) {
                     osc_add_flash_error_message(_m('Your current IP is not allowed'));
                     $this->redirectTo(osc_register_account_url());
                 }
             }
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(false);
             $success = $userActions->add();
             switch ($success) {
                 case 1:
                     osc_add_flash_ok_message(_m('The user has been created. An activation email has been sent'));
                     $this->redirectTo(osc_base_url());
                     break;
                 case 2:
                     osc_add_flash_ok_message(_m('Your account has been created successfully'));
                     $this->doView('user-login.php');
                     break;
                 case 3:
                     osc_add_flash_warning_message(_m('The specified e-mail is already in use'));
                     $this->doView('user-register.php');
                     break;
                 case 4:
                     osc_add_flash_error_message(_m('The reCAPTCHA was not entered correctly'));
                     $this->doView('user-register.php');
                     break;
                 case 5:
                     osc_add_flash_warning_message(_m('The email is not valid'));
                     $this->doView('user-register.php');
                     break;
                 case 6:
                     osc_add_flash_warning_message(_m('The password cannot be empty'));
                     $this->doView('user-register.php');
                     break;
                 case 7:
                     osc_add_flash_warning_message(_m("Passwords don't match"));
                     $this->doView('user-register.php');
                     break;
                 case 8:
                     osc_add_flash_warning_message(_m("Username is already taken"));
                     $this->doView('user-register.php');
                     break;
                 case 9:
                     osc_add_flash_warning_message(_m("The specified username is not valid, it contains some invalid words"));
                     $this->doView('user-register.php');
                     break;
             }
             break;
         case 'validate':
             //validate account
             $id = intval(Params::getParam('id'));
             $code = Params::getParam('code');
             $userManager = new User();
             $user = $userManager->findByIdSecret($id, $code);
             if (!$user) {
                 osc_add_flash_error_message(_m('The link is not valid anymore. Sorry for the inconvenience!'));
                 $this->redirectTo(osc_base_url());
             }
             if ($user['b_active'] == 1) {
                 osc_add_flash_error_message(_m('Your account has already been validated'));
                 $this->redirectTo(osc_base_url());
             }
             $userManager = new User();
             $userManager->update(array('b_active' => '1'), array('pk_i_id' => $id, 's_secret' => $code));
             // Auto-login
             Session::newInstance()->_set('userId', $user['pk_i_id']);
             Session::newInstance()->_set('userName', $user['s_name']);
             Session::newInstance()->_set('userEmail', $user['s_email']);
             $phone = $user['s_phone_mobile'] ? $user['s_phone_mobile'] : $user['s_phone_land'];
             Session::newInstance()->_set('userPhone', $phone);
             osc_run_hook('hook_email_user_registration', $user);
             osc_run_hook('validate_user', $user);
             osc_add_flash_ok_message(_m('Your account has been validated'));
             $this->redirectTo(osc_base_url());
             break;
     }
 }
예제 #9
0
파일: users.php 프로젝트: acharei/OSClass
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'create':
             // callign create view
             $aCountries = array();
             $aRegions = array();
             $aCities = array();
             $aCountries = Country::newInstance()->listAll();
             if (isset($aCountries[0]['pk_c_code'])) {
                 $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
             }
             if (isset($aRegions[0]['pk_i_id'])) {
                 $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
             }
             $this->_exportVariableToView('user', null);
             $this->_exportVariableToView('countries', $aCountries);
             $this->_exportVariableToView('regions', $aRegions);
             $this->_exportVariableToView('cities', $aCities);
             $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/frm.php");
             break;
         case 'create_post':
             // creating the user...
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(true);
             $success = $userActions->add();
             switch ($success) {
                 case 1:
                     osc_add_flash_ok_message(_m('The user has been created. We\'ve sent an activation e-mail'), 'admin');
                     break;
                 case 2:
                     osc_add_flash_ok_message(_m('The user has been created successfully'), 'admin');
                     break;
                 case 3:
                     osc_add_flash_warning_message(_m('Sorry, but that e-mail is already in use'), 'admin');
                     break;
                 case 5:
                     osc_add_flash_warning_message(_m('The specified e-mail is not valid'), 'admin');
                     break;
                 case 6:
                     osc_add_flash_warning_message(_m('Sorry, the password cannot be empty'), 'admin');
                     break;
                 case 7:
                     osc_add_flash_warning_message(_m("Sorry, passwords don't match"), 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'edit':
             // calling the edit view
             $aUser = array();
             $aCountries = array();
             $aRegions = array();
             $aCities = array();
             $aUser = $this->userManager->findByPrimaryKey(Params::getParam("id"));
             $aCountries = Country::newInstance()->listAll();
             $aRegions = array();
             if ($aUser['fk_c_country_code'] != '') {
                 $aRegions = Region::newInstance()->findByCountry($aUser['fk_c_country_code']);
             } else {
                 if (count($aCountries) > 0) {
                     $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
                 }
             }
             $aCities = array();
             if ($aUser['fk_i_region_id'] != '') {
                 $aCities = City::newInstance()->findByRegion($aUser['fk_i_region_id']);
             } else {
                 if (count($aRegions) > 0) {
                     $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
                 }
             }
             $this->_exportVariableToView("user", $aUser);
             $this->_exportVariableToView("countries", $aCountries);
             $this->_exportVariableToView("regions", $aRegions);
             $this->_exportVariableToView("cities", $aCities);
             $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/frm.php");
             break;
         case 'edit_post':
             // edit post
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(true);
             $success = $userActions->edit(Params::getParam("id"));
             switch ($success) {
                 case 1:
                     osc_add_flash_error_message(_m('Passwords don\'t match'), 'admin');
                     break;
                 case 2:
                     osc_add_flash_ok_message(_m('The user has been updated and activated'), 'admin');
                     break;
                 default:
                     osc_add_flash_ok_message(_m('The user has been updated'), 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'activate':
             //activate
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m('User id isn\'t in the correct format'), 'admin');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->activate($id);
             }
             switch ($iUpdated) {
                 case 0:
                     $msg = _m('No user has been activated');
                     break;
                 case 1:
                     $msg = _m('One user has been activated');
                     break;
                 default:
                     $msg = sprintf(_m('%s users have been activated'), $iUpdated);
                     break;
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'deactivate':
             //deactivate
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m('User id isn\'t in the correct format'), 'admin');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->deactivate($id);
             }
             switch ($iUpdated) {
                 case 0:
                     $msg = _m('No user has been deactivated');
                     break;
                 case 1:
                     $msg = _m('One user has been deactivated');
                     break;
                 default:
                     $msg = sprintf(_m('%s users have been deactivated'), $iUpdated);
                     break;
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'enable':
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m('User id isn\'t in the correct format'), 'admin');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->enable($id);
             }
             switch ($iUpdated) {
                 case 0:
                     $msg = _m('No user has been enabled');
                     break;
                 case 1:
                     $msg = _m('One user has been enabled');
                     break;
                 default:
                     $msg = sprintf(_m('%s users have been enabled'), $iUpdated);
                     break;
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'disable':
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m('User id isn\'t in the correct format'), 'admin');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->disable($id);
             }
             switch ($iUpdated) {
                 case 0:
                     $msg = _m('No user has been disabled');
                     break;
                 case 1:
                     $msg = _m('One user has been disabled');
                     break;
                 default:
                     $msg = sprintf(_m('%s users have been disabled'), $iUpdated);
                     break;
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'delete':
             //delete
             $iDeleted = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m('User id isn\'t in the correct format'), 'admin');
             }
             foreach ($userId as $id) {
                 $user = $this->userManager->findByPrimaryKey($id);
                 Log::newInstance()->insertLog('user', 'delete', $id, $user['s_email'], 'admin', osc_logged_admin_id());
                 if ($this->userManager->deleteUser($id)) {
                     $iDeleted++;
                 }
             }
             switch ($iDeleted) {
                 case 0:
                     $msg = _m('No user has been deleted');
                     break;
                 case 1:
                     $msg = _m('One user has been deleted');
                     break;
                 default:
                     $msg = sprintf(_m('%s users have been deleted'), $iDeleted);
                     break;
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'settings':
             // calling the users settings view
             $this->doView('users/settings.php');
             break;
         case 'settings_post':
             // updating users
             $iUpdated = 0;
             $enabledUserValidation = Params::getParam('enabled_user_validation');
             $enabledUserValidation = $enabledUserValidation != '' ? true : false;
             $enabledUserRegistration = Params::getParam('enabled_user_registration');
             $enabledUserRegistration = $enabledUserRegistration != '' ? true : false;
             $enabledUsers = Params::getParam('enabled_users');
             $enabledUsers = $enabledUsers != '' ? true : false;
             $notifyNewUser = Params::getParam('notify_new_user');
             $notifyNewUser = $notifyNewUser != '' ? true : false;
             $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUserValidation), array('s_name' => 'enabled_user_validation'));
             $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUserRegistration), array('s_name' => 'enabled_user_registration'));
             $iUpdated += Preference::newInstance()->update(array('s_value' => $enabledUsers), array('s_name' => 'enabled_users'));
             $iUpdated += Preference::newInstance()->update(array('s_value' => $notifyNewUser), array('s_name' => 'notify_new_user'));
             if ($iUpdated > 0) {
                 osc_add_flash_ok_message(_m('Users\' settings have been updated'), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=settings');
             break;
         default:
             // manage users view
             $aUsers = $this->userManager->listAll();
             $this->_exportVariableToView("users", $aUsers);
             $this->doView("users/index.php");
             break;
     }
 }
예제 #10
0
 function doModel()
 {
     switch ($this->action) {
         case 'dashboard':
             //dashboard...
             $max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
             $aItems = Item::newInstance()->findByUserID(Session::newInstance()->_get('userId'), 0, $max_items);
             //Item::newInstance()->listWhere("fk_i_user_id = ".Session::newInstance()->_get('userId'));
             //calling the view...
             $this->_exportVariableToView('items', $aItems);
             $this->_exportVariableToView('max_items', $max_items);
             $this->doView('user-dashboard.php');
             break;
         case 'profile':
             //profile...
             $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
             $aCountries = Country::newInstance()->listAll();
             $aRegions = array();
             if ($user['fk_c_country_code'] != '') {
                 $aRegions = Region::newInstance()->getByCountry($user['fk_c_country_code']);
             } elseif (count($aCountries) > 0) {
                 $aRegions = Region::newInstance()->getByCountry($aCountries[0]['pk_c_code']);
             }
             $aCities = array();
             if ($user['fk_i_region_id'] != '') {
                 $aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $user['fk_i_region_id']);
             } else {
                 if (count($aRegions) > 0) {
                     $aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $aRegions[0]['pk_i_id']);
                 }
             }
             //calling the view...
             $this->_exportVariableToView('countries', $aCountries);
             $this->_exportVariableToView('regions', $aRegions);
             $this->_exportVariableToView('cities', $aCities);
             $this->_exportVariableToView('user', $user);
             $this->doView('user-profile.php');
             break;
         case 'profile_post':
             //profile post...
             $userId = Session::newInstance()->_get('userId');
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(false);
             $success = $userActions->edit($userId);
             // This has been moved to special area (only password changes)
             /*if( $success == 1 ) {
                   osc_add_flash_message( _m('Passwords don\'t match') ) ;
               } else {*/
             osc_add_flash_message(_m('Your profile has been updated successfully'));
             //}
             $this->redirectTo(osc_user_profile_url());
             break;
         case 'alerts':
             //alerts
             $aAlerts = Alerts::newInstance()->getAlertsFromUser(Session::newInstance()->_get('userId'));
             $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
             foreach ($aAlerts as $k => $a) {
                 $search = osc_unserialize(base64_decode($a['s_search']));
                 $search->limit(0, 3);
                 $aAlerts[$k]['items'] = $search->doSearch();
             }
             $this->_exportVariableToView('alerts', $aAlerts);
             View::newInstance()->_reset('alerts');
             $this->_exportVariableToView('user', $user);
             $this->doView('user-alerts.php');
             break;
         case 'change_email':
             //change email
             $this->doView('user-change_email.php');
             break;
         case 'change_email_post':
             //change email post
             if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) {
                 osc_add_flash_message(_m('The specified e-mail is not valid'));
                 $this->redirectTo(osc_change_user_email_url());
             } else {
                 $user = User::newInstance()->findByEmail(Params::getParam('new_email'));
                 if (!isset($user['pk_i_id'])) {
                     if (osc_user_validation_enabled()) {
                         $userEmailTmp = array();
                         $userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
                         $userEmailTmp['s_new_email'] = Params::getParam('new_email');
                         UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
                         $code = osc_genRandomPassword(30);
                         $date = date('Y-m-d H:i:s');
                         $userManager = new User();
                         $userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
                         $locale = osc_current_user_locale();
                         $aPage = Page::newInstance()->findByInternalName('email_new_email');
                         if (isset($aPage['locale'][$locale]['s_title'])) {
                             $content = $aPage['locale'][$locale];
                         } else {
                             $content = current($aPage['locale']);
                         }
                         if (!is_null($content)) {
                             $validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
                             $words = array();
                             $words[] = array('{USER_NAME}', '{USER_EMAIL}', '{WEB_URL}', '{WEB_TITLE}', '{VALIDATION_LINK}', '{VALIDATION_URL}');
                             $words[] = array(Session::newInstance()->_get('userName'), Params::getParam('new_email'), osc_base_url(), osc_page_title(), '<a href="' . $validation_url . '" >' . $validation_url . '</a>', $validation_url);
                             $title = osc_mailBeauty($content['s_title'], $words);
                             $body = osc_mailBeauty($content['s_text'], $words);
                             $params = array('subject' => $title, 'to' => Params::getParam('new_email'), 'to_name' => Session::newInstance()->_get('userName'), 'body' => $body, 'alt_body' => $body);
                             osc_sendMail($params);
                             osc_add_flash_message(_m('We have sent you an e-mail. Follow the instructions to validate the changes'));
                         } else {
                             osc_add_flash_message(_m('We tried to sent you an e-mail, but it failed. Please, contact the administrator'));
                         }
                         $this->redirectTo(osc_user_profile_url());
                     } else {
                         User::newInstance()->update(array('s_email' => Params::getParam('new_email')), array('pk_i_id' => Params::getParam('userId')));
                         osc_add_flash_message(_m('Your email has been changed successfully'));
                         $this->redirectTo(osc_user_profile_url());
                     }
                 } else {
                     osc_add_flash_message(_m('The specified e-mail is already in use'));
                     $this->redirectTo(osc_change_user_email_url());
                 }
             }
             break;
         case 'change_password':
             //change password
             $this->doView('user-change_password.php');
             break;
         case 'change_password_post':
             //change password post
             $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
             if ($user['s_password'] != sha1(Params::getParam('password'))) {
                 osc_add_flash_message(_m('Current password doesn\'t match'));
                 $this->redirectTo(osc_change_user_password_url());
             } elseif (!Params::getParam('new_password')) {
                 osc_add_flash_message(_m('Passwords can\'t be empty'));
                 $this->redirectTo(osc_change_user_password_url());
             } elseif (Params::getParam('new_password') != Params::getParam('new_password2')) {
                 osc_add_flash_message(_m('Passwords don\'t match'));
                 $this->redirectTo(osc_change_user_password_url());
             }
             User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => Session::newInstance()->_get('userId')));
             osc_add_flash_message(_m('Password has been changed'));
             $this->redirectTo(osc_user_profile_url());
             break;
         case 'items':
             // view items user
             $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5;
             $page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0;
             $total_items = Item::newInstance()->countByUserID($_SESSION['userId']);
             $total_pages = ceil($total_items / $itemsPerPage);
             $items = Item::newInstance()->findByUserID($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage);
             $this->_exportVariableToView('items', $items);
             $this->_exportVariableToView('list_total_pages', $total_pages);
             $this->_exportVariableToView('list_total_items', $total_items);
             $this->_exportVariableToView('items_per_page', $itemsPerPage);
             $this->_exportVariableToView('list_page', $page);
             $this->doView('user-items.php');
             break;
         case 'unsub_alert':
             $email = Params::getParam('email');
             $alert = Params::getParam('alert');
             if ($email != '' && $alert != '') {
                 Alerts::newInstance()->delete(array('s_email' => $email, 's_search' => $alert));
                 osc_add_flash_message(__('Unsubscribed correctly.'));
             } else {
                 osc_add_flash_message(__('Ops! There was a problem trying to unsubscribe you. Please contact the administrator.'));
             }
             $this->redirectTo(osc_user_alerts_url());
             break;
     }
 }
예제 #11
0
    if (@$j->ok && $ok_message && (!$ok_message_optional || !@$j->warnings)) {
        $Conf->confirmMsg($ok_message);
    }
}
if ($Me->privChair && @$_REQUEST["modifygo"] && check_post() && isset($papersel)) {
    if (@$_REQUEST["modifytype"] == "disableaccount") {
        modify_confirm(UserActions::disable($papersel, $Me), "Accounts disabled.", true);
    } else {
        if (@$_REQUEST["modifytype"] == "enableaccount") {
            modify_confirm(UserActions::enable($papersel, $Me), "Accounts enabled.", true);
        } else {
            if (@$_REQUEST["modifytype"] == "resetpassword") {
                modify_confirm(UserActions::reset_password($papersel, $Me), "Passwords reset. <a href=\"" . hoturl_post("users", "t=" . urlencode($_REQUEST["t"]) . "&amp;modifygo=1&amp;modifytype=sendaccount&amp;pap=" . join("+", $papersel)) . "\">Send account information to those accounts</a>", false);
            } else {
                if (@$_REQUEST["modifytype"] == "sendaccount") {
                    modify_confirm(UserActions::send_account_info($papersel, $Me), "Account information sent.", false);
                }
            }
        }
    }
    redirectSelf(array("modifygo" => null, "modifytype" => null));
}
function do_tags()
{
    global $Conf, $Me, $papersel;
    // check tags
    $tagger = new Tagger($Me);
    $t1 = array();
    $errors = array();
    foreach (preg_split('/[\\s,]+/', (string) @$_REQUEST["tag"]) as $t) {
        if ($t === "") {
예제 #12
0
                    }
                    if (isset($_REQUEST["redirect"])) {
                        go(hoturl("index"));
                    } else {
                        if ($newProfile) {
                            $Conf->save_session("profile_redirect", $cj);
                        }
                        redirectSelf();
                    }
                }
            } else {
                if (isset($_REQUEST["merge"]) && !$newProfile && $Acct->contactId == $Me->contactId) {
                    go(hoturl("mergeaccounts"));
                } else {
                    if (isset($_REQUEST["clickthrough"])) {
                        UserActions::save_clickthrough($Acct);
                    }
                }
            }
        }
    }
}
function databaseTracks($who)
{
    global $Conf;
    $tracks = (object) array("soleAuthor" => array(), "author" => array(), "review" => array(), "comment" => array());
    // find authored papers
    $result = $Conf->qe("select Paper.paperId, count(pc.contactId)\n        from Paper\n        join PaperConflict c on (c.paperId=Paper.paperId and c.contactId={$who} and c.conflictType>=" . CONFLICT_AUTHOR . ")\n        join PaperConflict pc on (pc.paperId=Paper.paperId and pc.conflictType>=" . CONFLICT_AUTHOR . ")\n        group by Paper.paperId order by Paper.paperId");
    while ($row = edb_row($result)) {
        if ($row[1] == 1) {
            $tracks->soleAuthor[] = $row[0];
예제 #13
0
 function doModel()
 {
     switch ($this->action) {
         case 'register':
             //register user
             $this->doView('user-register.php');
             break;
         case 'register_post':
             //register user
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(false);
             $success = $userActions->add();
             switch ($success) {
                 case 1:
                     osc_add_flash_message(_m('The user has been created. An activation email has been sent'));
                     $this->redirectTo(osc_base_url());
                     break;
                 case 2:
                     osc_add_flash_message(_m('Your account has been created successfully'));
                     $this->doView('user-login.php');
                     break;
                 case 3:
                     osc_add_flash_message(_m('The specified e-mail is already in use'));
                     $this->doView('user-register.php');
                     break;
                 case 4:
                     osc_add_flash_message(_m('The reCAPTCHA was not introduced correctly'));
                     $this->doView('user-register.php');
                     break;
             }
             break;
         case 'validate':
             //validate account
             $id = intval(Params::getParam('id'));
             $code = Params::getParam('code');
             $userManager = new User();
             $user = $userManager->findByIdSecret($id, $code);
             if ($user) {
                 if (!$user['b_enabled']) {
                     $userManager = new User();
                     $userManager->update(array('b_enabled' => '1'), array('pk_i_id' => $id, 's_secret' => $code));
                     $pageManager = new Page();
                     $locale = osc_current_user_locale();
                     $aPage = $pageManager->findByInternalName('email_user_registration');
                     $content = array();
                     if (isset($aPage['locale'][$locale]['s_title'])) {
                         $content = $aPage['locale'][$locale];
                     } else {
                         $content = current($aPage['locale']);
                     }
                     if (!is_null($content)) {
                         $words = array();
                         $words[] = array('{USER_NAME}', '{USER_EMAIL}', '{WEB_TITLE}', '{WEB_URL}');
                         $words[] = array($user['s_name'], $user['s_email'], osc_page_title(), osc_base_url());
                         $title = osc_mailBeauty($content['s_title'], $words);
                         $body = osc_mailBeauty($content['s_text'], $words);
                         $emailParams = array('subject' => $title, 'to' => $user['s_email'], 'to_name' => $user['s_name'], 'body' => $body, 'alt_body' => $body);
                         osc_sendMail($emailParams);
                     }
                     osc_run_hook('validate_user', $user);
                     osc_add_flash_message(_m('Your account has been validated'));
                     // Auto-login
                     Session::newInstance()->_set('userId', $user['pk_i_id']);
                     Session::newInstance()->_set('userName', $user['s_name']);
                     Session::newInstance()->_set('userEmail', $user['s_email']);
                     $phone = $user['s_phone_mobile'] ? $user['s_phone_mobile'] : $user['s_phone_land'];
                     Session::newInstance()->_set('userPhone', $phone);
                 } else {
                     osc_add_flash_message(_m('Your account has already been activated'));
                 }
             } else {
                 osc_add_flash_message(_m('The link is not valid anymore. Sorry for the inconvenience!'));
             }
             $this->redirectTo(osc_base_url());
             break;
     }
 }
예제 #14
0
 */
$allowed_levels = array(9);
require_once 'sys.includes.php';
if (!check_for_admin()) {
    return;
}
$active_nav = 'users';
$page_title = __('Add system user', 'cftp_admin');
include 'header.php';
/**
 * Set checkboxes as 1 to defaul them to checked when first entering
 * the form
 */
$add_user_data_active = 1;
if ($_POST) {
    $new_user = new UserActions();
    /**
     * Clean the posted form values to be used on the user actions,
     * and again on the form if validation failed.
     */
    $add_user_data_name = encode_html($_POST['add_user_form_name']);
    $add_user_data_email = encode_html($_POST['add_user_form_email']);
    $add_user_data_level = encode_html($_POST['add_user_form_level']);
    $add_user_data_user = encode_html($_POST['add_user_form_user']);
    $add_user_data_active = isset($_POST["add_user_form_active"]) ? 1 : 0;
    /** Arguments used on validation and user creation. */
    $new_arguments = array('id' => '', 'username' => $add_user_data_user, 'password' => $_POST['add_user_form_pass'], 'name' => $add_user_data_name, 'email' => $add_user_data_email, 'role' => $add_user_data_level, 'active' => $add_user_data_active, 'type' => 'new_user');
    /** Validate the information from the posted form. */
    $new_validate = $new_user->validate_user($new_arguments);
    /** Create the user if validation is correct. */
    if ($new_validate == 1) {
예제 #15
0
파일: users.php 프로젝트: naneri/Osclass
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'create':
             // calling create view
             $aRegions = array();
             $aCities = array();
             $aCountries = Country::newInstance()->listAll();
             if (isset($aCountries[0]['pk_c_code'])) {
                 $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
             }
             if (isset($aRegions[0]['pk_i_id'])) {
                 $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
             }
             $this->_exportVariableToView('user', null);
             $this->_exportVariableToView('countries', $aCountries);
             $this->_exportVariableToView('regions', $aRegions);
             $this->_exportVariableToView('cities', $aCities);
             $this->_exportVariableToView('locales', OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/frm.php");
             break;
         case 'create_post':
             // creating the user...
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(true);
             $success = $userActions->add();
             switch ($success) {
                 case 1:
                     osc_add_flash_ok_message(_m("The user has been created. We've sent an activation e-mail"), 'admin');
                     break;
                 case 2:
                     osc_add_flash_ok_message(_m('The user has been created successfully'), 'admin');
                     break;
                 default:
                     osc_add_flash_error_message($success, 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'edit':
             // calling the edit view
             $aUser = $this->userManager->findByPrimaryKey(Params::getParam("id"));
             $aCountries = Country::newInstance()->listAll();
             $aRegions = array();
             if ($aUser['fk_c_country_code'] != '') {
                 $aRegions = Region::newInstance()->findByCountry($aUser['fk_c_country_code']);
             } else {
                 if (count($aCountries) > 0) {
                     $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
                 }
             }
             $aCities = array();
             if ($aUser['fk_i_region_id'] != '') {
                 $aCities = City::newInstance()->findByRegion($aUser['fk_i_region_id']);
             } else {
                 if (count($aRegions) > 0) {
                     $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
                 }
             }
             $csrf_token = osc_csrf_token_url();
             if ($aUser['b_active']) {
                 $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=users&action=deactivate&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=INACTIVE">' . __('Deactivate') . '</a>';
             } else {
                 $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=users&action=activate&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=ACTIVE">' . __('Activate') . '</a>';
             }
             if ($aUser['b_enabled']) {
                 $actions[] = '<a class="btn float-left" href="' . osc_admin_base_url(true) . '?page=users&action=disable&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=DISABLE">' . __('Block') . '</a>';
             } else {
                 $actions[] = '<a class="btn btn-red float-left" href="' . osc_admin_base_url(true) . '?page=users&action=enable&id[]=' . $aUser['pk_i_id'] . '&' . $csrf_token . '&value=ENABLE">' . __('Unblock') . '</a>';
             }
             $this->_exportVariableToView("actions", $actions);
             $this->_exportVariableToView("user", $aUser);
             $this->_exportVariableToView("countries", $aCountries);
             $this->_exportVariableToView("regions", $aRegions);
             $this->_exportVariableToView("cities", $aCities);
             $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/frm.php");
             break;
         case 'edit_post':
             // edit post
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(true);
             $success = $userActions->edit(Params::getParam("id"));
             if ($success == 1) {
                 osc_add_flash_ok_message(_m('The user has been updated'), 'admin');
             } else {
                 if ($success == 2) {
                     osc_add_flash_ok_message(_m('The user has been updated and activated'), 'admin');
                 } else {
                     osc_add_flash_error_message($success);
                     $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('id'));
                 }
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'resend_activation':
             //activate
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->resend_activation($id);
             }
             if ($iUpdated == 0) {
                 osc_add_flash_error_message(_m('No users have been selected'), 'admin');
             } else {
                 osc_add_flash_ok_message(sprintf(_mn('Activation email sent to one user', 'Activation email sent to %s users', $iUpdated), $iUpdated), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'activate':
             //activate
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->activate($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been activated');
             } else {
                 $msg = sprintf(_mn('One user has been activated', '%s users have been activated', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo($_SERVER['HTTP_REFERER']);
             break;
         case 'deactivate':
             //deactivate
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->deactivate($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been deactivated');
             } else {
                 $msg = sprintf(_mn('One user has been deactivated', '%s users have been deactivated', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo($_SERVER['HTTP_REFERER']);
             break;
         case 'enable':
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->enable($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been enabled');
             } else {
                 $msg = sprintf(_mn('One user has been unblocked', '%s users have been unblocked', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo($_SERVER['HTTP_REFERER']);
             break;
         case 'disable':
             osc_csrf_check();
             require_once LIB_PATH . 'osclass/UserActions.php';
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             $userActions = new UserActions(true);
             foreach ($userId as $id) {
                 $iUpdated += $userActions->disable($id);
             }
             if ($iUpdated == 0) {
                 $msg = _m('No users have been disabled');
             } else {
                 $msg = sprintf(_mn('One user has been blocked', '%s users have been blocked', $iUpdated), $iUpdated);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo($_SERVER['HTTP_REFERER']);
             break;
         case 'delete':
             //delete
             osc_csrf_check();
             $iDeleted = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             }
             foreach ($userId as $id) {
                 $user = $this->userManager->findByPrimaryKey($id);
                 Log::newInstance()->insertLog('user', 'delete', $id, $user['s_email'], 'admin', osc_logged_admin_id());
                 if ($this->userManager->deleteUser($id)) {
                     $iDeleted++;
                 }
             }
             if ($iDeleted == 0) {
                 $msg = _m('No users have been deleted');
             } else {
                 $msg = sprintf(_mn('One user has been deleted', '%s users have been deleted', $iDeleted), $iDeleted);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'delete_alerts':
             //delete
             $iDeleted = 0;
             $alertId = Params::getParam('alert_id');
             if (!is_array($alertId)) {
                 osc_add_flash_error_message(_m("Alert id isn't in the correct format"), 'admin');
                 if (Params::getParam('user_id') == '') {
                     $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
                 } else {
                     $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
                 }
             }
             $mAlerts = new Alerts();
             foreach ($alertId as $id) {
                 Log::newInstance()->insertLog('user', 'delete_alerts', $id, $id, 'admin', osc_logged_admin_id());
                 $iDeleted += $mAlerts->delete(array('pk_i_id' => $id));
             }
             if ($iDeleted == 0) {
                 $msg = _m('No alerts have been deleted');
             } else {
                 $msg = sprintf(_mn('One alert has been deleted', '%s alerts have been deleted', $iDeleted), $iDeleted);
             }
             osc_add_flash_ok_message($msg, 'admin');
             if (Params::getParam('user_id') == '') {
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
             } else {
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
             }
             break;
         case 'status_alerts':
             //delete
             $status = Params::getParam("status");
             $iUpdated = 0;
             $alertId = Params::getParam('alert_id');
             if (!is_array($alertId)) {
                 osc_add_flash_error_message(_m("Alert id isn't in the correct format"), 'admin');
                 if (Params::getParam('user_id') == '') {
                     $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
                 } else {
                     $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
                 }
             }
             $mAlerts = new Alerts();
             foreach ($alertId as $id) {
                 if ($status == 1) {
                     $iUpdated += $mAlerts->activate($id);
                 } else {
                     $iUpdated += $mAlerts->deactivate($id);
                 }
             }
             if ($status == 1) {
                 if ($iUpdated == 0) {
                     $msg = _m('No alerts have been activated');
                 } else {
                     $msg = sprintf(_mn('One alert has been activated', '%s alerts have been activated', $iUpdated), $iUpdated);
                 }
             } else {
                 if ($iUpdated == 0) {
                     $msg = _m('No alerts have been deactivated');
                 } else {
                     $msg = sprintf(_mn('One alert has been deactivated', '%s alerts have been deactivated', $iUpdated), $iUpdated);
                 }
             }
             osc_add_flash_ok_message($msg, 'admin');
             if (Params::getParam('user_id') == '') {
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=alerts');
             } else {
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=edit&id=' . Params::getParam('user_id'));
             }
             break;
         case 'settings':
             // calling the users settings view
             $this->doView('users/settings.php');
             break;
         case 'settings_post':
             // updating users
             osc_csrf_check();
             $iUpdated = 0;
             $enabledUserValidation = Params::getParam('enabled_user_validation');
             $enabledUserValidation = $enabledUserValidation != '' ? true : false;
             $enabledUserRegistration = Params::getParam('enabled_user_registration');
             $enabledUserRegistration = $enabledUserRegistration != '' ? true : false;
             $enabledUsers = Params::getParam('enabled_users');
             $enabledUsers = $enabledUsers != '' ? true : false;
             $notifyNewUser = Params::getParam('notify_new_user');
             $notifyNewUser = $notifyNewUser != '' ? true : false;
             $usernameBlacklistTmp = explode(",", Params::getParam('username_blacklist'));
             foreach ($usernameBlacklistTmp as $k => $v) {
                 $usernameBlacklistTmp[$k] = strtolower(trim($v));
             }
             $usernameBlacklist = implode(",", $usernameBlacklistTmp);
             $iUpdated += osc_set_preference('enabled_user_validation', $enabledUserValidation);
             $iUpdated += osc_set_preference('enabled_user_registration', $enabledUserRegistration);
             $iUpdated += osc_set_preference('enabled_users', $enabledUsers);
             $iUpdated += osc_set_preference('notify_new_user', $notifyNewUser);
             $iUpdated += osc_set_preference('username_blacklist', $usernameBlacklist);
             if ($iUpdated > 0) {
                 osc_add_flash_ok_message(_m("User settings have been updated"), 'admin');
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=settings');
             break;
         case 'alerts':
             // manage alerts view
             require_once osc_lib_path() . "osclass/classes/datatables/AlertsDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                     Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
                 } else {
                     Params::setParam('iDisplayLength', 10);
                 }
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $alertsDataTable = new AlertsDataTable();
             $alertsDataTable->table($params);
             $aData = $alertsDataTable->getData();
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('aRawRows', $alertsDataTable->rawRows());
             $this->doView("users/alerts.php");
             break;
         case 'ban':
             // manage ban rules view
             if (Params::getParam("action") != "") {
                 osc_run_hook("ban_rules_bulk_" . Params::getParam("action"), Params::getParam('id'));
             }
             require_once osc_lib_path() . "osclass/classes/datatables/BanRulesDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                     Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
                 } else {
                     Params::setParam('iDisplayLength', 10);
                 }
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $banRulesDataTable = new BanRulesDataTable();
             $banRulesDataTable->table($params);
             $aData = $banRulesDataTable->getData();
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('aRawRows', $banRulesDataTable->rawRows());
             $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'delete_ban_rule', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected ban rules?'), strtolower(__('Delete'))), 'label' => __('Delete')));
             $bulk_options = osc_apply_filter("ban_rule_bulk_filter", $bulk_options);
             $this->_exportVariableToView('bulk_options', $bulk_options);
             //calling the view...
             $this->doView('users/ban.php');
             break;
         case 'edit_ban_rule':
             $this->_exportVariableToView('rule', BanRule::newInstance()->findByPrimaryKey(Params::getParam('id')));
             $this->doView('users/ban_frm.php');
             break;
         case 'edit_ban_rule_post':
             osc_csrf_check();
             if (Params::getParam('s_ip') == '' && Params::getParam('s_email') == '') {
                 osc_add_flash_warning_message(_m("Both rules can not be empty"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             }
             BanRule::newInstance()->update(array('s_name' => Params::getParam('s_name'), 's_ip' => Params::getParam('s_ip'), 's_email' => strtolower(Params::getParam('s_email'))), array('pk_i_id' => Params::getParam('id')));
             osc_add_flash_ok_message(_m('Rule updated correctly'), 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             break;
         case 'create_ban_rule':
             $this->_exportVariableToView('rule', null);
             $this->doView('users/ban_frm.php');
             break;
         case 'create_ban_rule_post':
             osc_csrf_check();
             if (Params::getParam('s_ip') == '' && Params::getParam('s_email') == '') {
                 osc_add_flash_warning_message(_m("Both rules can not be empty"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             }
             BanRule::newInstance()->insert(array('s_name' => Params::getParam('s_name'), 's_ip' => Params::getParam('s_ip'), 's_email' => strtolower(Params::getParam('s_email'))));
             osc_add_flash_ok_message(_m('Rule saved correctly'), 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             break;
         case 'delete_ban_rule':
             //delete ban rules
             osc_csrf_check();
             $iDeleted = 0;
             $ruleId = Params::getParam('id');
             if (!is_array($ruleId)) {
                 osc_add_flash_error_message(_m("User id isn't in the correct format"), 'admin');
                 $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             }
             $ruleMgr = BanRule::newInstance();
             foreach ($ruleId as $id) {
                 if ($ruleMgr->deleteByPrimaryKey($id)) {
                     $iDeleted++;
                 }
             }
             if ($iDeleted == 0) {
                 $msg = _m('No rules have been deleted');
             } else {
                 $msg = sprintf(_mn('One ban rule has been deleted', '%s ban rules have been deleted', $iDeleted), $iDeleted);
             }
             osc_add_flash_ok_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users&action=ban');
             break;
         default:
             // manage users view
             if (Params::getParam("action") != "") {
                 osc_run_hook("user_bulk_" . Params::getParam("action"), Params::getParam('id'));
             }
             require_once osc_lib_path() . "osclass/classes/datatables/UsersDataTable.php";
             // set default iDisplayLength
             if (Params::getParam('iDisplayLength') != '') {
                 Cookie::newInstance()->push('listing_iDisplayLength', Params::getParam('iDisplayLength'));
                 Cookie::newInstance()->set();
             } else {
                 // set a default value if it's set in the cookie
                 if (Cookie::newInstance()->get_value('listing_iDisplayLength') != '') {
                     Params::setParam('iDisplayLength', Cookie::newInstance()->get_value('listing_iDisplayLength'));
                 } else {
                     Params::setParam('iDisplayLength', 10);
                 }
             }
             $this->_exportVariableToView('iDisplayLength', Params::getParam('iDisplayLength'));
             // Table header order by related
             if (Params::getParam('sort') == '') {
                 Params::setParam('sort', 'date');
             }
             if (Params::getParam('direction') == '') {
                 Params::setParam('direction', 'desc');
             }
             $page = (int) Params::getParam('iPage');
             if ($page == 0) {
                 $page = 1;
             }
             Params::setParam('iPage', $page);
             $params = Params::getParamsAsArray();
             $usersDataTable = new UsersDataTable();
             $usersDataTable->table($params);
             $aData = $usersDataTable->getData();
             if (count($aData['aRows']) == 0 && $page != 1) {
                 $total = (int) $aData['iTotalDisplayRecords'];
                 $maxPage = ceil($total / (int) $aData['iDisplayLength']);
                 $url = osc_admin_base_url(true) . '?' . $_SERVER['QUERY_STRING'];
                 if ($maxPage == 0) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=1', $url);
                     $this->redirectTo($url);
                 }
                 if ($page > 1) {
                     $url = preg_replace('/&iPage=(\\d)+/', '&iPage=' . $maxPage, $url);
                     $this->redirectTo($url);
                 }
             }
             $this->_exportVariableToView('aData', $aData);
             $this->_exportVariableToView('withFilters', $usersDataTable->withFilters());
             $this->_exportVariableToView('aRawRows', $usersDataTable->rawRows());
             $bulk_options = array(array('value' => '', 'data-dialog-content' => '', 'label' => __('Bulk actions')), array('value' => 'activate', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Activate'))), 'label' => __('Activate')), array('value' => 'deactivate', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Deactivate'))), 'label' => __('Deactivate')), array('value' => 'enable', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Unblock'))), 'label' => __('Unblock')), array('value' => 'disable', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Block'))), 'label' => __('Block')), array('value' => 'delete', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Delete'))), 'label' => __('Delete')));
             if (osc_user_validation_enabled()) {
                 $bulk_options[] = array('value' => 'resend_activation', 'data-dialog-content' => sprintf(__('Are you sure you want to %s the selected users?'), strtolower(__('Resend the activation to'))), 'label' => __('Resend activation'));
             }
             $bulk_options = osc_apply_filter("user_bulk_filter", $bulk_options);
             $this->_exportVariableToView('bulk_options', $bulk_options);
             //calling the view...
             $this->doView('users/index.php');
             break;
     }
 }
예제 #16
0
파일: home.php 프로젝트: kohler/peteramati
        $users = edb_first_columns(Dbl::qe_raw("select contactId from ContactInfo where (roles&" . Contact::ROLE_PCLIKE . ")=0 and not extension"));
    } else {
        if ($_GET["enable_user"] == "extension") {
            $users = edb_first_columns(Dbl::qe_raw("select contactId from ContactInfo where (roles&" . Contact::ROLE_PCLIKE . ")=0 and extension"));
        } else {
            if ($_GET["enable_user"] == "pc") {
                $users = edb_first_columns(Dbl::qe_raw("select contactId from ContactInfo where (roles&" . Contact::ROLE_PC . ")!=0"));
            } else {
                $users = edb_first_columns(Dbl::qe("select contactId from ContactInfo where email like ?", $_GET["enable_user"]));
            }
        }
    }
    if (!count($users)) {
        $Conf->warnMsg("No users match.");
    } else {
        UserActions::enable($users, $Me);
        redirectSelf();
    }
}
$title = !$Me->is_empty() && !isset($_REQUEST["signin"]) ? "Home" : "Sign in";
$Conf->header($title, "home");
$xsep = " <span class='barsep'>&nbsp;|&nbsp;</span> ";
if ($Me->privChair) {
    echo "<div id='clock_drift_container'></div>";
}
// Sidebar
echo "<div class='homeside'>";
echo "<noscript><div class='homeinside'>", "<strong>HotCRP requires Javascript.</strong> ", "Many features will work without Javascript, but not all.<br />", "<a style='font-size:smaller' href='http://read.seas.harvard.edu/~kohler/hotcrp/'>Report bad compatibility problems</a></div></noscript>";
// Conference management
if ($Me->privChair) {
    echo "<div id='homemgmt' class='homeinside'>\n  <h4>Administration</h4>\n  <ul>\n    <!-- <li><a href='", hoturl("settings"), "'>Settings</a></li>\n    <li><a href='", hoturl("users", "t=all"), "'>Users</a></li> -->\n    <li><a href='", hoturl("mail"), "'>Send mail</a></li>\n    <li><a href='", hoturl_post("index", "report=nonanonymous"), "'>Overall grade report</a></li>\n    <!-- <li><a href='", hoturl("log"), "'>Action log</a></li> -->\n  </ul>\n</div>\n";
예제 #17
0
파일: user.php 프로젝트: acharei/OSClass
 function doModel()
 {
     switch ($this->action) {
         case 'dashboard':
             //dashboard...
             $max_items = Params::getParam('max_items') != '' ? Params::getParam('max_items') : 5;
             $aItems = Item::newInstance()->findByUserIDEnabled(Session::newInstance()->_get('userId'), 0, $max_items);
             //calling the view...
             $this->_exportVariableToView('items', $aItems);
             $this->_exportVariableToView('max_items', $max_items);
             $this->doView('user-dashboard.php');
             break;
         case 'profile':
             //profile...
             $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
             $aCountries = Country::newInstance()->listAll();
             $aRegions = array();
             if ($user['fk_c_country_code'] != '') {
                 $aRegions = Region::newInstance()->findByCountry($user['fk_c_country_code']);
             } elseif (count($aCountries) > 0) {
                 $aRegions = Region::newInstance()->findByCountry($aCountries[0]['pk_c_code']);
             }
             $aCities = array();
             if ($user['fk_i_region_id'] != '') {
                 $aCities = City::newInstance()->findByRegion($user['fk_i_region_id']);
             } else {
                 if (count($aRegions) > 0) {
                     $aCities = City::newInstance()->findByRegion($aRegions[0]['pk_i_id']);
                 }
             }
             //calling the view...
             $this->_exportVariableToView('countries', $aCountries);
             $this->_exportVariableToView('regions', $aRegions);
             $this->_exportVariableToView('cities', $aCities);
             $this->_exportVariableToView('user', $user);
             $this->doView('user-profile.php');
             break;
         case 'profile_post':
             //profile post...
             $userId = Session::newInstance()->_get('userId');
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(false);
             $success = $userActions->edit($userId);
             osc_add_flash_ok_message(_m('Your profile has been updated successfully'));
             $this->redirectTo(osc_user_profile_url());
             break;
         case 'alerts':
             //alerts
             $aAlerts = Alerts::newInstance()->findByUser(Session::newInstance()->_get('userId'));
             $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
             foreach ($aAlerts as $k => $a) {
                 $search = osc_unserialize(base64_decode($a['s_search']));
                 $search->limit(0, 3);
                 $aAlerts[$k]['items'] = $search->doSearch();
             }
             $this->_exportVariableToView('alerts', $aAlerts);
             View::newInstance()->_reset('alerts');
             $this->_exportVariableToView('user', $user);
             $this->doView('user-alerts.php');
             break;
         case 'change_email':
             //change email
             $this->doView('user-change_email.php');
             break;
         case 'change_email_post':
             //change email post
             if (!preg_match("/^[_a-z0-9-\\+]+(\\.[_a-z0-9-\\+]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$/", Params::getParam('new_email'))) {
                 osc_add_flash_error_message(_m('The specified e-mail is not valid'));
                 $this->redirectTo(osc_change_user_email_url());
             } else {
                 $user = User::newInstance()->findByEmail(Params::getParam('new_email'));
                 if (!isset($user['pk_i_id'])) {
                     $userEmailTmp = array();
                     $userEmailTmp['fk_i_user_id'] = Session::newInstance()->_get('userId');
                     $userEmailTmp['s_new_email'] = Params::getParam('new_email');
                     UserEmailTmp::newInstance()->insertOrUpdate($userEmailTmp);
                     $code = osc_genRandomPassword(30);
                     $date = date('Y-m-d H:i:s');
                     $userManager = new User();
                     $userManager->update(array('s_pass_code' => $code, 's_pass_date' => $date, 's_pass_ip' => $_SERVER['REMOTE_ADDR']), array('pk_i_id' => Session::newInstance()->_get('userId')));
                     $validation_url = osc_change_user_email_confirm_url(Session::newInstance()->_get('userId'), $code);
                     osc_run_hook('hook_email_new_email', Params::getParam('new_email'), $validation_url);
                     $this->redirectTo(osc_user_profile_url());
                 } else {
                     osc_add_flash_error_message(_m('The specified e-mail is already in use'));
                     $this->redirectTo(osc_change_user_email_url());
                 }
             }
             break;
         case 'change_password':
             //change password
             $this->doView('user-change_password.php');
             break;
         case 'change_password_post':
             //change password post
             $user = User::newInstance()->findByPrimaryKey(Session::newInstance()->_get('userId'));
             if (Params::getParam('password') == '' || Params::getParam('new_password') == '' || Params::getParam('new_password2') == '') {
                 osc_add_flash_warning_message(_m('Password cannot be blank'));
                 $this->redirectTo(osc_change_user_password_url());
             }
             if ($user['s_password'] != sha1(Params::getParam('password'))) {
                 osc_add_flash_error_message(_m('Current password doesn\'t match'));
                 $this->redirectTo(osc_change_user_password_url());
             }
             if (!Params::getParam('new_password')) {
                 osc_add_flash_error_message(_m('Passwords can\'t be empty'));
                 $this->redirectTo(osc_change_user_password_url());
             }
             if (Params::getParam('new_password') != Params::getParam('new_password2')) {
                 osc_add_flash_error_message(_m('Passwords don\'t match'));
                 $this->redirectTo(osc_change_user_password_url());
             }
             User::newInstance()->update(array('s_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => Session::newInstance()->_get('userId')));
             osc_add_flash_ok_message(_m('Password has been changed'));
             $this->redirectTo(osc_user_profile_url());
             break;
         case 'items':
             // view items user
             $itemsPerPage = Params::getParam('itemsPerPage') != '' ? Params::getParam('itemsPerPage') : 5;
             $page = Params::getParam('iPage') != '' ? Params::getParam('iPage') : 0;
             $total_items = Item::newInstance()->countByUserIDEnabled($_SESSION['userId']);
             $total_pages = ceil($total_items / $itemsPerPage);
             $items = Item::newInstance()->findByUserIDEnabled($_SESSION['userId'], $page * $itemsPerPage, $itemsPerPage);
             $this->_exportVariableToView('items', $items);
             $this->_exportVariableToView('list_total_pages', $total_pages);
             $this->_exportVariableToView('list_total_items', $total_items);
             $this->_exportVariableToView('items_per_page', $itemsPerPage);
             $this->_exportVariableToView('list_page', $page);
             $this->doView('user-items.php');
             break;
         case 'activate_alert':
             $email = Params::getParam('email');
             $secret = Params::getParam('secret');
             $result = 0;
             if ($email != '' && $secret != '') {
                 $result = Alerts::newInstance()->activate($email, $secret);
             }
             if ($result == 1) {
                 osc_add_flash_ok_message(_m('Alert activated'));
             } else {
                 osc_add_flash_error_message(_m('Ops! There was a problem trying to activate alert. Please contact the administrator'));
             }
             $this->redirectTo(osc_base_url(true));
             break;
         case 'unsub_alert':
             $email = Params::getParam('email');
             $secret = Params::getParam('secret');
             if ($email != '' && $secret != '') {
                 Alerts::newInstance()->delete(array('s_email' => $email, 's_secret' => $secret));
                 osc_add_flash_ok_message(_m('Unsubscribed correctly'));
             } else {
                 osc_add_flash_error_message(_m('Ops! There was a problem trying to unsubscribe you. Please contact the administrator'));
             }
             $this->redirectTo(osc_user_alerts_url());
             break;
         case 'deleteResource':
             $id = Params::getParam('id');
             $name = Params::getParam('name');
             $fkid = Params::getParam('fkid');
             osc_deleteResource($id);
             ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $fkid, 's_name' => $name));
             $this->redirectTo(osc_base_url(true) . "?page=item&action=item_edit&id=" . $fkid);
             break;
     }
 }
예제 #18
0
 function doModel()
 {
     parent::doModel();
     //specific things for this class
     switch ($this->action) {
         case 'create':
             // callign create view
             $aCountries = array();
             $aRegions = array();
             $aCities = array();
             $aCountries = Country::newInstance()->listAll();
             if (isset($aCountries[0]['pk_c_code'])) {
                 $aRegions = Region::newInstance()->getByCountry($aCountries[0]['pk_c_code']);
             }
             if (isset($aRegions[0]['pk_i_id'])) {
                 $aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $aRegions[0]['pk_i_id']);
             }
             $this->_exportVariableToView("user", null);
             $this->_exportVariableToView("countries", $aCountries);
             $this->_exportVariableToView("regions", $aRegions);
             $this->_exportVariableToView("cities", $aCities);
             $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/frm.php");
             break;
         case 'create_post':
             // creating the user...
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(true);
             $success = $userActions->add();
             switch ($success) {
                 case 1:
                     osc_add_flash_message(_m('The user has been created. We\'ve sent an activation e-mail'), 'admin');
                     break;
                 case 2:
                     osc_add_flash_message(_m('The user has been created and activated'), 'admin');
                     break;
                 case 3:
                     osc_add_flash_message(_m('Sorry, but that e-mail is already in use'), 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'edit':
             // calling the edit view
             $aUser = array();
             $aCountries = array();
             $aRegions = array();
             $aCities = array();
             $aUser = $this->userManager->findByPrimaryKey(Params::getParam("id"));
             $aCountries = Country::newInstance()->listAll();
             $aRegions = array();
             if ($aUser['fk_c_country_code'] != '') {
                 $aRegions = Region::newInstance()->getByCountry($aUser['fk_c_country_code']);
             } else {
                 if (count($aCountries) > 0) {
                     $aRegions = Region::newInstance()->getByCountry($aCountries[0]['pk_c_code']);
                 }
             }
             $aCities = array();
             if ($aUser['fk_i_region_id'] != '') {
                 $aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $aUser['fk_i_region_id']);
             } else {
                 if (count($aRegions) > 0) {
                     $aCities = City::newInstance()->listWhere("fk_i_region_id = %d", $aRegions[0]['pk_i_id']);
                 }
             }
             $this->_exportVariableToView("user", $aUser);
             $this->_exportVariableToView("countries", $aCountries);
             $this->_exportVariableToView("regions", $aRegions);
             $this->_exportVariableToView("cities", $aCities);
             $this->_exportVariableToView("locales", OSCLocale::newInstance()->listAllEnabled());
             $this->doView("users/frm.php");
             break;
         case 'edit_post':
             // edit post
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(true);
             $success = $userActions->edit(Params::getParam("id"));
             switch ($success) {
                 case 1:
                     osc_add_flash_message(_m('Passwords don\'t match'), 'admin');
                     break;
                 case 2:
                     osc_add_flash_message(_m('The user has been updated and activated'), 'admin');
                     break;
                 default:
                     osc_add_flash_message(_m('The user has been updated'), 'admin');
                     break;
             }
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'activate':
             //activate
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_message(_m('User id isn\'t in the correct format'), 'admin');
             }
             foreach ($userId as $id) {
                 $conditions = array('pk_i_id' => $id);
                 $values = array('b_enabled' => 1);
                 $iUpdated += $this->userManager->update($values, $conditions);
             }
             switch ($iUpdated) {
                 case 0:
                     $msg = _m('No user has been activated');
                     break;
                 case 1:
                     $msg = _m('One user has been activated');
                     break;
                 default:
                     $msg = sprintf(_m('%s users have been activated'), $iUpdated);
                     break;
             }
             osc_add_flash_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'deactivate':
             //deactivate
             $iUpdated = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_message(_m('User id isn\'t in the correct format'), 'admin');
             }
             foreach ($userId as $id) {
                 $conditions = array('pk_i_id' => $id);
                 $values = array('b_enabled' => 0);
                 $iUpdated += $this->userManager->update($values, $conditions);
             }
             switch ($iUpdated) {
                 case 0:
                     $msg = _m('No user has been deactivated');
                     break;
                 case 1:
                     $msg = _m('One user has been deactivated');
                     break;
                 default:
                     $msg = sprintf(_m('%s users have been deactivated'), $iUpdated);
                     break;
             }
             osc_add_flash_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         case 'delete':
             //delete
             $iDeleted = 0;
             $userId = Params::getParam('id');
             if (!is_array($userId)) {
                 osc_add_flash_message(_m('User id isn\'t in the correct format'), 'admin');
             }
             foreach ($userId as $id) {
                 if ($this->userManager->deleteUser($id)) {
                     $iDeleted++;
                 }
             }
             switch ($iDeleted) {
                 case 0:
                     $msg = _m('No user has been deleted');
                     break;
                 case 1:
                     $msg = _m('One user has been deleted');
                     break;
                 default:
                     $msg = sprintf(_m('%s users have been deleted'), $iDeleted);
                     break;
             }
             osc_add_flash_message($msg, 'admin');
             $this->redirectTo(osc_admin_base_url(true) . '?page=users');
             break;
         default:
             // manage users view
             $aUsers = $this->userManager->listAll();
             $this->_exportVariableToView("users", $aUsers);
             $this->doView("users/index.php");
             break;
     }
 }
예제 #19
0
 public function init()
 {
     self::$user = $this->getUser();
     if (!osc_is_web_user_logged_in()) {
         self::$loginUrl = self::$facebook->getLoginUrl(array('scope' => 'email'));
     }
     if (!self::$user) {
         return self::$facebook;
     }
     try {
         self::$user_profile = self::$facebook->api('/me');
         $this->dao->select($this->getFields());
         $this->dao->from($this->getTableName());
         $this->dao->where('i_facebook_uid', self::$user);
         $rs = $this->dao->get();
         if ($rs !== false && $rs->numRows() === 1) {
             $fbUser = $rs->row();
             if (count($fbUser) > 0) {
                 require_once osc_lib_path() . 'osclass/UserActions.php';
                 $uActions = new UserActions(false);
                 $logged = $uActions->bootstrap_login($fbUser['fk_i_user_id']);
                 switch ($logged) {
                     case 0:
                         osc_add_flash_error_message(__('The username doesn\'t exist', 'facebook'));
                         break;
                     case 1:
                         osc_add_flash_error_message(__('The user has not been validated yet', 'facebook'));
                         break;
                     case 2:
                         osc_add_flash_error_message(__('The user has been suspended', 'facebook'));
                         break;
                     case 3:
                         //osc_add_flash_ok_message( __( 'Login successfull', 'facebook' ) );
                         break;
                 }
                 return self::$facebook;
             }
         }
         if (!isset(self::$user_profile['email'])) {
             osc_add_flash_error_message(__('Some error occured trying to connect with Facebook.', 'facebook'));
             header('Location: ' . self::$logoutUrl);
             exit;
         }
         $manager = User::newInstance();
         $oscUser = $manager->findByEmail(self::$user_profile['email']);
         // exists on our DB, we merge both accounts
         if (count($oscUser) > 0) {
             require_once osc_lib_path() . 'osclass/UserActions.php';
             $uActions = new UserActions(false);
             $manager->dao->from($this->getTableName());
             $manager->dao->set('fk_i_user_id', $oscUser['pk_i_id']);
             $manager->dao->set('i_facebook_uid', self::$user_profile['id']);
             $manager->dao->insert();
             osc_add_flash_ok_message(__("You already have an user with this e-mail address. We've merged your accounts", 'facebook'));
             // activate user in case is not activated
             $manager->update(array('b_active' => '1'), array('pk_i_id' => $oscUser['pk_i_id']));
             $logged = $uActions->bootstrap_login($oscUser['pk_i_id']);
         } else {
             // Auto-register him
             $this->register_user(self::$user_profile);
         }
         // redirect to log in
         header('Location: ' . osc_base_url());
         exit;
     } catch (FacebookApiException $e) {
         self::$user = null;
     }
     return self::$facebook;
 }
예제 #20
0
                 echo system_message('error', $msg);
             }
         }
         if ($affected_users > 0) {
             $msg = __('The selected users were marked as inactive.', 'cftp_admin');
             echo system_message('ok', $msg);
             $log_action_number = 28;
         }
         break;
     case 'delete':
         foreach ($selected_users as $work_user) {
             /**
              * A user should not be able to delete himself
              */
             if ($work_user != $my_info['id']) {
                 $this_user = new UserActions();
                 $delete_user = $this_user->delete_user($work_user);
                 $affected_users++;
             } else {
                 $msg = __('You cannot delete your own account.', 'cftp_admin');
                 echo system_message('error', $msg);
             }
         }
         if ($affected_users > 0) {
             $msg = __('The selected users were deleted.', 'cftp_admin');
             echo system_message('ok', $msg);
             $log_action_number = 16;
         }
         break;
 }
 /** Record the action log */
예제 #21
0
 function doModel()
 {
     switch ($this->action) {
         case 'login_post':
             //post execution for the login
             $user = User::newInstance()->findByEmail(Params::getParam('email'));
             if (!$user) {
                 osc_add_flash_message(_m('The username doesn\'t exist'));
                 $this->redirectTo(osc_user_login_url());
             }
             if (!$user['b_enabled']) {
                 osc_add_flash_message(_m('The user has not been validated yet'));
                 $this->redirectTo(osc_user_login_url());
             }
             if ($user["s_password"] == sha1(Params::getParam('password'))) {
                 if (Params::getParam('remember') == 1) {
                     //this include contains de osc_genRandomPassword function
                     require_once osc_lib_path() . 'osclass/helpers/hSecurity.php';
                     $secret = osc_genRandomPassword();
                     User::newInstance()->update(array('s_secret' => $secret), array('pk_i_id' => $user['pk_i_id']));
                     Cookie::newInstance()->set_expires(osc_time_cookie());
                     Cookie::newInstance()->push('oc_userId', $user['pk_i_id']);
                     Cookie::newInstance()->push('oc_userSecret', $secret);
                     Cookie::newInstance()->set();
                 }
                 //we are logged in... let's go!
                 Session::newInstance()->_set('userId', $user['pk_i_id']);
                 Session::newInstance()->_set('userName', $user['s_name']);
                 Session::newInstance()->_set('userEmail', $user['s_email']);
                 $phone = $user['s_phone_mobile'] ? $user['s_phone_mobile'] : $user['s_phone_land'];
                 Session::newInstance()->_set('userPhone', $phone);
             } else {
                 osc_add_flash_message(_m('The password is incorrect'));
             }
             //returning logged in to the main page...
             $this->redirectTo(osc_user_dashboard_url());
             break;
         case 'recover':
             //form to recover the password (in this case we have the form in /gui/)
             $this->doView('user-recover.php');
             break;
         case 'recover_post':
             //post execution to recover the password
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(false);
             $recaptcha_ok = $userActions->recover_password();
             if ($recaptcha_ok) {
                 // We ALWAYS show the same message, so we don't give clues about which emails are in our database and which don't!
                 osc_add_flash_message(_m('We have sent you an email with the instructions to reset your password'));
                 $this->redirectTo(osc_base_url());
             } else {
                 osc_add_flash_message(_m('The recaptcha code is wrong'));
                 $this->redirectTo(osc_recover_user_password_url());
             }
             break;
         case 'forgot':
             //form to recover the password (in this case we have the form in /gui/)
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             if ($user) {
                 $this->doView('user-forgot_password.php');
             } else {
                 osc_add_flash_message(_m('Sorry, the link is not valid'));
                 $this->redirectTo(osc_base_url());
             }
             break;
         case 'forgot_post':
             $user = User::newInstance()->findByIdPasswordSecret(Params::getParam('userId'), Params::getParam('code'));
             if ($user) {
                 if (Params::getParam('new_password') == Params::getParam('new_password2')) {
                     User::newInstance()->update(array('s_pass_code' => osc_genRandomPassword(50), 's_pass_date' => date('Y-m-d H:i:s', 0), 's_pass_ip' => $_SERVER['REMOTE_ADDR'], 's_password' => sha1(Params::getParam('new_password'))), array('pk_i_id' => $user['pk_i_id']));
                     osc_add_flash_message(_m('The password has been changed'));
                     $this->redirectTo(osc_user_login_url());
                 } else {
                     osc_add_flash_message(_m('Error, the password don\'t match'));
                     $this->redirectTo(osc_forgot_user_password_confirm_url(Params::getParam('userId'), Params::getParam('code')));
                 }
             } else {
                 osc_add_flash_message(_m('Sorry, the link is not valid'));
             }
             $this->redirectTo(osc_base_url());
             break;
         default:
             //login
             if (osc_logged_user_id() != '') {
                 $this->redirectTo(osc_user_dashboard_url());
             }
             $this->doView('user-login.php');
     }
 }
예제 #22
0
if ($Me->is_empty()) {
    $Me->escape();
}
global $User, $Pset, $Info, $Commit;
$User = $Me;
if (isset($_REQUEST["u"]) && (!$Me->isPC || !($User = ContactView::prepare_user($_REQUEST["u"])))) {
    redirectSelf(array("u" => null));
}
assert($User == $Me || $Me->isPC);
assert($Me->privChair);
if (@$_POST["enable"] && check_post()) {
    UserActions::enable(array($User->contactId), $Me);
    redirectSelf();
}
if (@$_POST["disable"] && check_post()) {
    UserActions::disable(array($User->contactId), $Me);
    redirectSelf();
}
if (@$_POST["update"] && check_post()) {
    $ck = $cv = array();
    $roles = 0;
    if (@$_POST["pctype"] === "chair") {
        $roles |= Contact::ROLE_CHAIR | Contact::ROLE_PC;
    } else {
        if (@$_POST["pctype"] === "pc") {
            $roles |= Contact::ROLE_PC;
        }
    }
    if (@$_POST["sysadmin"]) {
        $roles |= Contact::ROLE_ADMIN;
    }
예제 #23
0
 function doModel()
 {
     switch ($this->action) {
         case 'register':
             //register user
             $this->doView('user-register.php');
             break;
         case 'register_post':
             //register user
             osc_csrf_check();
             if (!osc_users_enabled()) {
                 osc_add_flash_error_message(_m('Users are not enabled'));
                 $this->redirectTo(osc_base_url());
             }
             osc_run_hook('before_user_register');
             $banned = osc_is_banned(Params::getParam('s_email'));
             if ($banned == 1) {
                 osc_add_flash_error_message(_m('Your current email is not allowed'));
                 $this->redirectTo(osc_register_account_url());
             } else {
                 if ($banned == 2) {
                     osc_add_flash_error_message(_m('Your current IP is not allowed'));
                     $this->redirectTo(osc_register_account_url());
                 }
             }
             require_once LIB_PATH . 'osclass/UserActions.php';
             $userActions = new UserActions(false);
             $success = $userActions->add();
             if ($success == 1) {
                 osc_add_flash_ok_message(_m('The user has been created. An activation email has been sent'));
                 $this->redirectTo(osc_base_url());
             } else {
                 if ($success == 2) {
                     osc_add_flash_ok_message(_m('Your account has been created successfully'));
                     Params::setParam('action', 'login_post');
                     Params::setParam('email', Params::getParam('s_email'));
                     Params::setParam('password', Params::getParam('s_password', false, false));
                     require_once osc_lib_path() . 'osclass/controller/login.php';
                     $do = new CWebLogin();
                     $do->doModel();
                 } else {
                     osc_add_flash_error_message($success);
                     $this->redirectTo(osc_register_account_url());
                 }
             }
             break;
         case 'validate':
             //validate account
             $id = intval(Params::getParam('id'));
             $code = Params::getParam('code');
             $userManager = new User();
             $user = $userManager->findByIdSecret($id, $code);
             if (!$user) {
                 osc_add_flash_error_message(_m('The link is not valid anymore. Sorry for the inconvenience!'));
                 $this->redirectTo(osc_base_url());
             }
             if ($user['b_active'] == 1) {
                 osc_add_flash_error_message(_m('Your account has already been validated'));
                 $this->redirectTo(osc_base_url());
             }
             $userManager = new User();
             $success = $userManager->update(array('b_active' => '1'), array('pk_i_id' => $id, 's_secret' => $code));
             if ($success) {
                 // Auto-login
                 Session::newInstance()->_set('userId', $user['pk_i_id']);
                 Session::newInstance()->_set('userName', $user['s_name']);
                 Session::newInstance()->_set('userEmail', $user['s_email']);
                 $phone = $user['s_phone_mobile'] ? $user['s_phone_mobile'] : $user['s_phone_land'];
                 Session::newInstance()->_set('userPhone', $phone);
                 osc_run_hook('hook_email_user_registration', $user);
                 osc_run_hook('validate_user', $user);
                 osc_add_flash_ok_message(_m('Your account has been validated'));
             } else {
                 osc_add_flash_ok_message(_m('Account validation failed'));
             }
             $this->redirectTo(osc_base_url());
             break;
     }
 }